Linux to Win Share; diff. subnets; thru firewall - Help pls

Hi folks,

hopefully someone here can help me out please. I've done lots of reading
incl. John Terpstra's pages at;

http://www.cise.ufl.edu/help/softwar...a/BROWSING.txt and
http://www.cise.ufl.edu/help/softwar...ING-Config.txt

And whilst these are fairly comprehensive, I don't feel I have quite
grasped it yet.

I am running a small P2P network. I have a DMZ and an internal network.

Internally 1 x XP, 1 x 2K and 1 x '98. I also have a Win Srvr 2003
machine which acts as file server on which I have various shares set up.
Internal range 192.168.X.X

This all sits behind a Linksys firewall/router, which does not accept
broadcast. It also, unless specifically 'forwarded' or 'triggered' stops
anything coming through from the outside. (like you'd expect from a
firewall really)

Externally, on the other side is (among others) a WhiteBox 3.0 Linux
(based on RHEL 3.0) machine which acts as gateway/router to the net and
DNS for the internal network (but itself solely uses external DNS's for
resolution). DMZ interface 10.18.X.X

I just want the linux box to connect to and use one of the '03 machine's
shares as filesystem.

From what I've read, this is what I understand;

I don't actually need SAMBA so much as I need smbmount; ...??
I can only pick up the name of a Windows share by using NetBIOS;.....??
In order to NetBIOS browse (i.e. Network neighbourhood browse), I need
to use WINS; .....??
If I set up WINS on my network, I have to effectively set up WINS for
ALL machines on the network;......??
If I start to use WINS, the '98 machine will no longer be able to browse
the neighbourhood; .....?? I.e. If I set up WINS, I exclude this machine
from the network;....??

So, what I need to ask please is;

Is all of the above true? Specifically the bit about the '98 machine no
longer being able to resolve?

As I don't specifically want to browse, rather just map directly to a
specific machine, do I still need to set up WINS?

For ALL machines??

Where, in your opinion would be the best place to set up the WINS server
in my situation? On the linux box or on the Win '03 box?

What ports specifically are used in this type of scenario (so I can open
them up in iptables and on the Linksys)?? Can communication be locked
down to certain ports?

And finally; if I want the linux box to re-connect on boot, I need to
add a line to fstab, ...... yes....??

Lots of questions I know, sorry.

Can you show me the light at the end of the tunnel .... pls.

"KDoc" <(E-Mail Removed)> wrote in message
news:42faa109$(E-Mail Removed). ..

> I just want the linux box to connect to and use one of the '03 machine's
> shares as filesystem.
>
> From what I've read, this is what I understand;
>
> I don't actually need SAMBA so much as I need smbmount; ...??

mount -t smbfs //machine03/sharename /local/mountpoint -o \
username=machine03user,uid=linuxuser,gid=linuxgrou p

The uid,gid options will set the user:group of the Linux /local/mountpoint.

Hi,

thanks, yes I have tried that and it doesn't seem to connect.

I opened port 445 in iptables and on the linksys, but it still doesn't
seem to be getting through.

Is there another port it requires? Is 445 just for negotiation/discovery
and then does it then negotiate some other obscure port via which to
communicate.

And if it does, can I lock it down?

And can this be set up in 'fstab' as well?

MTiA

K

ynotssor wrote:
> "KDoc" <(E-Mail Removed)> wrote in message
> news:42faa109$(E-Mail Removed). ..
>
>
>>I just want the linux box to connect to and use one of the '03 machine's
>>shares as filesystem.
>>
>> From what I've read, this is what I understand;
>>
>>I don't actually need SAMBA so much as I need smbmount; ...??
>
>
> mount -t smbfs //machine03/sharename /local/mountpoint -o \
> username=machine03user,uid=linuxuser,gid=linuxgrou p
>
> The uid,gid options will set the user:group of the Linux /local/mountpoint.
>

KDoc <(E-Mail Removed)> écrivait
news:42faab94$(E-Mail Removed):
> Is there another port it requires? Is 445 just for
> negotiation/discovery and then does it then negotiate some other
> obscure port via which to communicate.

Try opening ports 135 to 137 (netbios services), but don't open these ports
from the internet side.

>>>I don't actually need SAMBA so much as I need smbmount; ...??

SAMBA = file server (on linux)
smbfs = samba client (to windows or linux Samba)

KDoc <(E-Mail Removed)> écrivait
news:42faa109$(E-Mail Removed):

> I don't actually need SAMBA so much as I need smbmount; ...??

Ok

> I can only pick up the name of a Windows share by using
> NetBIOS;.....??

In most case, but you may have a dhcp server for your windows stations
that update a DNS server (dynamic dns protocol), or your windows station
may update the DNS (option in the windows advanced network
configuration).

However in most case the network only use netbios with broacast.

> In order to NetBIOS browse (i.e. Network neighbourhood browse), I need
> to use WINS; .....??

No, netbios may use broacast announce and browsing, wich are limited to
le lan segment. So not propagate between the two lan (dmz and other).

Netbios may also use a "central" server named a WINS (windows name
server) which collect an list all stations and servers. In that case,
all stations and servers must be configured to use (register+browse) the
same WINS (2 in general). In that cas the browse list may collect and
serves many lan segments.

> If I set up WINS on my network, I have to effectively set up WINS for
> ALL machines on the network;......??

Yes.

> If I start to use WINS, the '98 machine will no longer be able to
> browse the neighbourhood; .....?? I.e. If I set up WINS, I exclude
> this machine from the network;....??

Not sure for W98. I think there is a WINS option in the network
configuration.

> As I don't specifically want to browse, rather just map directly to a
> specific machine, do I still need to set up WINS?

If the specifif machines has a fixed ip, use its IP in the mount command
line.

And then you don't need to bother about all this netbios browsing stuff.


Regards

Thanks Antoine.

I'll give that a go.

K

Antoine EMERIT wrote:
> KDoc <(E-Mail Removed)> écrivait
> news:42faa109$(E-Mail Removed):
>
>

>
>>In order to NetBIOS browse (i.e. Network neighbourhood browse), I need
>>to use WINS; .....??
>
>
> No, netbios may use broacast announce and browsing, wich are limited to
> le lan segment. So not propagate between the two lan (dmz and other).
>
> Netbios may also use a "central" server named a WINS (windows name
> server) which collect an list all stations and servers. In that case,
> all stations and servers must be configured to use (register+browse) the
> same WINS (2 in general). In that cas the browse list may collect and
> serves many lan segments.
>
>

>
>
>>If I start to use WINS, the '98 machine will no longer be able to
>>browse the neighbourhood; .....?? I.e. If I set up WINS, I exclude
>>this machine from the network;....??
>
>
> Not sure for W98. I think there is a WINS option in the network
> configuration.
>
>
>>As I don't specifically want to browse, rather just map directly to a
>>specific machine, do I still need to set up WINS?
>
>
> If the specifif machines has a fixed ip, use its IP in the mount command
> line.
>
> And then you don't need to bother about all this netbios browsing stuff.
>
>
> Regards

For the benefit of the archives:

After days of p---ing about, changing multitudinous configurations, 3
different firmware up/downgrades on the router/firewall, I finally have
this working.

The solution I have managed to get working is so stupidly simple, it's
embarassing. I had been making the mount call to the final destination's
IP/Hostname. And it simply continued to fail.

mount -t smbfs //machine03/sharename /local/mountpoint -o \
username=machine03user,uid=linuxuser,gid=linuxgrou p

Instead, I simply needed to direct the mount cmd to the router's
IP/Hostname and it then fwdded it on.

A week of wasted effort on a lesson which could have been learnt in 2 min.s

K

Antoine EMERIT wrote:
> KDoc <(E-Mail Removed)> écrivait
>
>>As I don't specifically want to browse, rather just map directly to a
>>specific machine, do I still need to set up WINS?
>
>
> If the specifif machines has a fixed ip, use its IP in the mount command
> line.
>
> And then you don't need to bother about all this netbios browsing stuff.
>