samba connection problem and DNS

Hi,

I have two windows XP machines share a samba network share as file sever
from one redhat box.

All these three machines share one DSL connections to internet. I noticed
the samba file share will be off line when I have DSL internet connections
problems.

Any one know what might cause this problem ? Maybe due to the DNS
disconnection when the DSL connection is off line ?

Thanks in advance

- Daniel

Daniel Huang schreef:
> Hi,
>
> I have two windows XP machines share a samba network share as file sever
> from one redhat box.
>
> All these three machines share one DSL connections to internet. I
> noticed the samba file share will be off line when I have DSL internet
> connections problems.
>
> Any one know what might cause this problem ? Maybe due to the DNS
> disconnection when the DSL connection is off line ?
>
> Thanks in advance
>
> - Daniel
What kind of problem? Do you use static ip or dhcp from your router?
Please be more specific.

"Daniel Huang" <(E-Mail Removed)> wrote in
news:f5sid9$acdf$(E-Mail Removed):

> Hi,
>
> I have two windows XP machines share a samba network share as file
> sever from one redhat box.
>
> All these three machines share one DSL connections to internet. I
> noticed the samba file share will be off line when I have DSL internet
> connections problems.
>
> Any one know what might cause this problem ? Maybe due to the DNS
> disconnection when the DSL connection is off line ?
>
> Thanks in advance
>
> - Daniel
>
I do that too and don't have any problems at all with it. I use a
cablemodem and it connects to the Linux box on eth0. eth1 goes to a switch
or hub and my XP machines connect that way. I prefer it this way as the
Linux box can now be a server and/or firewall, then the Linux machine
forwards the Internet to the two XP boxes, they connect with all network
settings on automatic. I use firestarter firewall to share the Internet
that way and to act as a firewall. There are much better firewalls out
there but firestarter is so darned easy to setup with it's GUI that you
pretty much have to have no brain at all to mess it up.

Plus I can control my network computers that way as well, If I wanted XP
box #2 offline, that is easy to do. I have folders shared on my XP machines
as well as directories shared on my Linux box with samba and have no such
problems at all, all of the sharers show up in Network Places. The samba is
independent of the Internet connection so they really should not interact
in any way, and they don't. From my XP machine I can see and use my Linux
shares as well as my own shares and he shares on my GF's XP computer.

What kind of problem are you having and what is your network setup like?
--
~Ohmster
ohmster at ohmster dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter.

In news:Xns995CE53CAEE0EMyBigKitty@194.177.96.26,
Ohmster <(E-Mail Removed)> wrote:

> I do that too and don't have any problems at all with it. I use a
> cablemodem and it connects to the Linux box on eth0. eth1 goes to a
> switch or hub and my XP machines connect that way. I prefer it this
> way as the Linux box can now be a server and/or firewall, then the
> Linux machine forwards the Internet to the two XP boxes, they connect
> with all network settings on automatic. I use firestarter firewall to
> share the Internet that way and to act as a firewall.

May I ask you please to post the results of "ifconfig -a" and "route -n", as
well as the iptables ruleset you use to accomplish this? It's the
configuration that I think I would like to use here.

"Patrick" <ptri.c.k.@statrerv.corn> wrote in
news:(E-Mail Removed):

> In news:Xns995CE53CAEE0EMyBigKitty@194.177.96.26,
> Ohmster <(E-Mail Removed)> wrote:
>
>> I do that too and don't have any problems at all with it. I use a
>> cablemodem and it connects to the Linux box on eth0. eth1 goes to a
>> switch or hub and my XP machines connect that way. I prefer it this
>> way as the Linux box can now be a server and/or firewall, then the
>> Linux machine forwards the Internet to the two XP boxes, they connect
>> with all network settings on automatic. I use firestarter firewall to
>> share the Internet that way and to act as a firewall.
>
> May I ask you please to post the results of "ifconfig -a" and "route
> -n", as well as the iptables ruleset you use to accomplish this? It's
> the configuration that I think I would like to use here.
>
>

Wow, you guys don't kid around. I posted this exactly 35 minutes ago and
already there is an eager audience for the juicy details. LOL!

Sure, here ya go.

[ohmster@ohmster ~]$ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:E0:7D:9A:0D:0C
inet addr:192.168.15.100 Bcast:192.168.15.255
Mask:255.255.255.0
inet6 addr: fe80::2e0:7dff:fe9a:d0c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2209942 errors:0 dropped:0 overruns:0 frame:0
TX packets:2180721 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2344353215 (2.1 GiB) TX bytes:296992665 (283.2 MiB)
Interrupt:9 Base address:0xe000

eth1 Link encap:Ethernet HWaddr 00:50:04:26:A4:62
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::250:4ff:fe26:a462/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2379669 errors:0 dropped:0 overruns:0 frame:0
TX packets:2502234 errors:0 dropped:0 overruns:0 carrier:6
collisions:121511 txqueuelen:1000
RX bytes:236693645 (225.7 MiB) TX bytes:2773629622 (2.5 GiB)
Interrupt:9 Base address:0xa000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:36969 errors:0 dropped:0 overruns:0 frame:0
TX packets:36969 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3087929 (2.9 MiB) TX bytes:3087929 (2.9 MiB)

[ohmster@ohmster ~]$

[ohmster@ohmster ~]$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0
eth1
192.168.15.0 0.0.0.0 255.255.255.0 U 0 0 0
eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0
eth1
0.0.0.0 192.168.15.1 0.0.0.0 UG 0 0 0
eth0
[ohmster@ohmster ~]$

"as well as the iptables ruleset"
....sigh. Look, iptables, ipv4 forwarding and masquerading, as well as a
DHCP server to "hand out" IP addresses to all of the computers on my home
LAN is complicated and a pain in the ass. I could spend days/weeks/months
on this manually, or just use the "easy out" method of downloading and
installing firestarter. It "just works" right out of the box. The GUI
runs in xwindows and the wizard will have all of this done for you in
like 5 minutes. You can also block just about anything or anyone as well
as port forward and things of that nature. firestarter is what made the
ruleset, it would take me forever to do that but if you like and if it
will fit in here, I will post it for you. I also give my LAN computers
names like missy and paula and their names resolve in my /etc/hosts file.
My cablemodem uses DHCP and feeds that stuff right to the Fedora Core 6
box right into eth0. eth1 goes to a hub, now I use a high speed switch
because I got one for free and does it ever rock. I can move a 2Gb file
from machine to machine in like 2 minutes, rather than the hour it used
to take. The hub/switch has 8 ports on it, only 2 of them are used right
now, but when I work on computers, i can plug just about anything into my
switch and as long as I have the network settings on automatic, it "just
works" and I am on the net. For the samba sharing to work, I specify my
workgroup as well.

A lot of serious Linux users "poo poo" firestarter, it is like trying t
make serious art with Crayola Crayons, or at least that is the impression
I get around here but works it does, does it very well, and will be
working in a matter of just a few minutes.

The iptables rule set formatting is going to be word wrapped into
oblivion here so I will post it but if you want to see it in it's true
format, where everything lines up, then I have posted it on the Fedora
box because it also runs apache:
http://www.ohmster.com/~ohmster/linux/iptablerules.txt
Otherwise here are the iptables rule sets:

[root@ohmster ~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.15.1 anywhere tcp flags:!
FIN,SYN,RST,ACK/SYN
ACCEPT udp -- 192.168.15.1 anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg
10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.15.255
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state
INVALID
LSI all -f anywhere anywhere limit: avg
10/min burst 5
INBOUND all -- anywhere anywhere
INBOUND all -- anywhere 192.168.0.1
INBOUND all -- anywhere ohmster.com
INBOUND all -- anywhere 192.168.0.255
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Unknown Input'

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg
10/sec burst 5
TCPMSS tcp -- anywhere anywhere tcp
flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT tcp -- anywhere missy tcp dptms
ACCEPT udp -- anywhere missy udp dptms
ACCEPT tcp -- anywhere missy tcp dpt:rfa
ACCEPT udp -- anywhere missy udp dpt:rfa
ACCEPT tcp -- anywhere missy tcp dpt:nsws
ACCEPT udp -- anywhere missy udp dpt:nsws
ACCEPT tcp -- anywhere missy tcp dpt:4552
ACCEPT udp -- anywhere missy udp dpt:4552
ACCEPT tcp -- anywhere missy tcp dpt:llm-
pass
ACCEPT udp -- anywhere missy udp dpt:llm-
pass
OUTBOUND all -- anywhere anywhere
ACCEPT tcp -- anywhere 192.168.0.0/24 state
RELATED,ESTABLISHED
ACCEPT udp -- anywhere 192.168.0.0/24 state
RELATED,ESTABLISHED
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Unknown Forward'

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- ohmster.com 192.168.15.1 tcp
dpt:domain
ACCEPT udp -- ohmster.com 192.168.15.1 udp
dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state
INVALID
OUTBOUND all -- anywhere anywhere
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Unknown Output'

Chain INBOUND (4 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT all -- missy anywhere
ACCEPT all -- paula anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp
dpts:ftp-data:ftp
ACCEPT udp -- anywhere anywhere udp
dpts:ftp-data:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dptop3
ACCEPT udp -- anywhere anywhere udp dptop3
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT udp -- anywhere anywhere udp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:517
ACCEPT udp -- anywhere anywhere udp dpt:talk
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:ipp
ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp
dpt:finger
ACCEPT udp -- anywhere anywhere udp
dpt:finger
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp
dpts:netbios-ns:netbios-ssn
ACCEPT udp -- 192.168.0.0/24 anywhere udp
dpts:netbios-ns:netbios-ssn
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp
dpt:microsoft-ds
ACCEPT udp -- 192.168.0.0/24 anywhere udp
dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere tcp
dpt:https
ACCEPT udp -- anywhere anywhere udp
dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT udp -- anywhere anywhere udp dpt:smtp
ACCEPT tcp -- missy anywhere tcp dpt:ndmp
ACCEPT udp -- missy anywhere udp dpt:ndmp
ACCEPT tcp -- anywhere anywhere tcp dpt:dnp
ACCEPT udp -- anywhere anywhere udp dpt:dnp
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:7741
ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:7741
ACCEPT tcp -- anywhere anywhere tcp
dpt:submission
ACCEPT udp -- anywhere anywhere udp
dpt:submission
ACCEPT tcp -- missy anywhere tcp dpt:snmp
ACCEPT udp -- missy anywhere udp dpt:snmp
LSI all -- anywhere anywhere

Chain LOG_FILTER (5 references)
target prot opt source destination

Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix
`Inbound '
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix
`Inbound '
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-
request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-
request
LOG all -- anywhere anywhere limit: avg
5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere

Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg
5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with
icmp-port-unreachable

Chain OUTBOUND (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
[root@ohmster ~]#

--
~Ohmster
ohmster at ohmster dot com
Put "messageforohmster" in message body
(That is Message Body, not Subject!)
to pass my spam filter.

Thank you all for the response. The configuration is as following:

ISP: Fix IP DSL Line connected to DSL modem with DHCP capability
Lan: 12 Port switch uplinked to DSL modem
XP/Linux: All using wired 10/100M ethernet connection to this 12 Port switch

So when every the ISP is offline or I unplug the DSL phone line, the Linux
samba share couldn't be accessable by the 2 windows XP boxes. Once the ISP
is back on line the Samba on linux is ok.

During the DSL ISP outage, The samba access was fine before I restarted my
XP computers, but the samba problem occurred after i restarted the XP boxes.
Though I can still ping the Linux samba box from the two XP clients

I googled around and seems quite some people have same problem, and it seems
to be the DNS related problem when the DSL connection is off line. And samba
seems to use DSL's DNS server for address resolving.

I just enabled the Wins support on this Linux box, will give it another try
by unplug the DSL phone line.

Any other suggestions ?

Thanks

"Ohmster" <(E-Mail Removed)> wrote in message
news:Xns995CF30C75F1AMyBigKitty@194.177.96.26...
> "Patrick" <ptri.c.k.@statrerv.corn> wrote in
> news:(E-Mail Removed):
>
>> In news:Xns995CE53CAEE0EMyBigKitty@194.177.96.26,
>> Ohmster <(E-Mail Removed)> wrote:
>>
>>> I do that too and don't have any problems at all with it. I use a
>>> cablemodem and it connects to the Linux box on eth0. eth1 goes to a
>>> switch or hub and my XP machines connect that way. I prefer it this
>>> way as the Linux box can now be a server and/or firewall, then the
>>> Linux machine forwards the Internet to the two XP boxes, they connect
>>> with all network settings on automatic. I use firestarter firewall to
>>> share the Internet that way and to act as a firewall.
>>
>> May I ask you please to post the results of "ifconfig -a" and "route
>> -n", as well as the iptables ruleset you use to accomplish this? It's
>> the configuration that I think I would like to use here.
>>
>>
>
> Wow, you guys don't kid around. I posted this exactly 35 minutes ago and
> already there is an eager audience for the juicy details. LOL!
>
> Sure, here ya go.
>
> [ohmster@ohmster ~]$ ifconfig -a
> eth0 Link encap:Ethernet HWaddr 00:E0:7D:9A:0D:0C
> inet addr:192.168.15.100 Bcast:192.168.15.255
> Mask:255.255.255.0
> inet6 addr: fe80::2e0:7dff:fe9a:d0c/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:2209942 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2180721 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:2344353215 (2.1 GiB) TX bytes:296992665 (283.2 MiB)
> Interrupt:9 Base address:0xe000
>
> eth1 Link encap:Ethernet HWaddr 00:50:04:26:A4:62
> inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
> inet6 addr: fe80::250:4ff:fe26:a462/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:2379669 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2502234 errors:0 dropped:0 overruns:0 carrier:6
> collisions:121511 txqueuelen:1000
> RX bytes:236693645 (225.7 MiB) TX bytes:2773629622 (2.5 GiB)
> Interrupt:9 Base address:0xa000
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:36969 errors:0 dropped:0 overruns:0 frame:0
> TX packets:36969 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:3087929 (2.9 MiB) TX bytes:3087929 (2.9 MiB)
>
> [ohmster@ohmster ~]$
>
> [ohmster@ohmster ~]$ route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth1
> 192.168.15.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0
> eth1
> 0.0.0.0 192.168.15.1 0.0.0.0 UG 0 0 0
> eth0
> [ohmster@ohmster ~]$
>
> "as well as the iptables ruleset"
> ...sigh. Look, iptables, ipv4 forwarding and masquerading, as well as a
> DHCP server to "hand out" IP addresses to all of the computers on my home
> LAN is complicated and a pain in the ass. I could spend days/weeks/months
> on this manually, or just use the "easy out" method of downloading and
> installing firestarter. It "just works" right out of the box. The GUI
> runs in xwindows and the wizard will have all of this done for you in
> like 5 minutes. You can also block just about anything or anyone as well
> as port forward and things of that nature. firestarter is what made the
> ruleset, it would take me forever to do that but if you like and if it
> will fit in here, I will post it for you. I also give my LAN computers
> names like missy and paula and their names resolve in my /etc/hosts file.
> My cablemodem uses DHCP and feeds that stuff right to the Fedora Core 6
> box right into eth0. eth1 goes to a hub, now I use a high speed switch
> because I got one for free and does it ever rock. I can move a 2Gb file
> from machine to machine in like 2 minutes, rather than the hour it used
> to take. The hub/switch has 8 ports on it, only 2 of them are used right
> now, but when I work on computers, i can plug just about anything into my
> switch and as long as I have the network settings on automatic, it "just
> works" and I am on the net. For the samba sharing to work, I specify my
> workgroup as well.
>
> A lot of serious Linux users "poo poo" firestarter, it is like trying t
> make serious art with Crayola Crayons, or at least that is the impression
> I get around here but works it does, does it very well, and will be
> working in a matter of just a few minutes.
>
> The iptables rule set formatting is going to be word wrapped into
> oblivion here so I will post it but if you want to see it in it's true
> format, where everything lines up, then I have posted it on the Fedora
> box because it also runs apache:
> http://www.ohmster.com/~ohmster/linux/iptablerules.txt
> Otherwise here are the iptables rule sets:
>
> [root@ohmster ~]# iptables -L
> Chain INPUT (policy DROP)
> target prot opt source destination
> ACCEPT tcp -- 192.168.15.1 anywhere tcp flags:!
> FIN,SYN,RST,ACK/SYN
> ACCEPT udp -- 192.168.15.1 anywhere
> ACCEPT all -- anywhere anywhere
> ACCEPT icmp -- anywhere anywhere limit: avg
> 10/sec burst 5
> DROP all -- anywhere 255.255.255.255
> DROP all -- anywhere 192.168.15.255
> DROP all -- 255.255.255.255 anywhere
> DROP all -- anywhere 0.0.0.0
> DROP all -- anywhere anywhere state
> INVALID
> LSI all -f anywhere anywhere limit: avg
> 10/min burst 5
> INBOUND all -- anywhere anywhere
> INBOUND all -- anywhere 192.168.0.1
> INBOUND all -- anywhere ohmster.com
> INBOUND all -- anywhere 192.168.0.255
> LOG_FILTER all -- anywhere anywhere
> LOG all -- anywhere anywhere LOG level
> info prefix `Unknown Input'
>
> Chain FORWARD (policy DROP)
> target prot opt source destination
> ACCEPT icmp -- anywhere anywhere limit: avg
> 10/sec burst 5
> TCPMSS tcp -- anywhere anywhere tcp
> flags:SYN,RST/SYN TCPMSS clamp to PMTU
> ACCEPT tcp -- anywhere missy tcp dptms
> ACCEPT udp -- anywhere missy udp dptms
> ACCEPT tcp -- anywhere missy tcp dpt:rfa
> ACCEPT udp -- anywhere missy udp dpt:rfa
> ACCEPT tcp -- anywhere missy tcp dpt:nsws
> ACCEPT udp -- anywhere missy udp dpt:nsws
> ACCEPT tcp -- anywhere missy tcp dpt:4552
> ACCEPT udp -- anywhere missy udp dpt:4552
> ACCEPT tcp -- anywhere missy tcp dpt:llm-
> pass
> ACCEPT udp -- anywhere missy udp dpt:llm-
> pass
> OUTBOUND all -- anywhere anywhere
> ACCEPT tcp -- anywhere 192.168.0.0/24 state
> RELATED,ESTABLISHED
> ACCEPT udp -- anywhere 192.168.0.0/24 state
> RELATED,ESTABLISHED
> LOG_FILTER all -- anywhere anywhere
> LOG all -- anywhere anywhere LOG level
> info prefix `Unknown Forward'
>
> Chain OUTPUT (policy DROP)
> target prot opt source destination
> ACCEPT tcp -- ohmster.com 192.168.15.1 tcp
> dpt:domain
> ACCEPT udp -- ohmster.com 192.168.15.1 udp
> dpt:domain
> ACCEPT all -- anywhere anywhere
> DROP all -- 255.255.255.255 anywhere
> DROP all -- anywhere 0.0.0.0
> DROP all -- anywhere anywhere state
> INVALID
> OUTBOUND all -- anywhere anywhere
> OUTBOUND all -- anywhere anywhere
> LOG_FILTER all -- anywhere anywhere
> LOG all -- anywhere anywhere LOG level
> info prefix `Unknown Output'
>
> Chain INBOUND (4 references)
> target prot opt source destination
> ACCEPT tcp -- anywhere anywhere state
> RELATED,ESTABLISHED
> ACCEPT udp -- anywhere anywhere state
> RELATED,ESTABLISHED
> ACCEPT all -- missy anywhere
> ACCEPT all -- paula anywhere
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
> ACCEPT udp -- anywhere anywhere udp dpt:ssh
> ACCEPT tcp -- anywhere anywhere tcp
> dpts:ftp-data:ftp
> ACCEPT udp -- anywhere anywhere udp
> dpts:ftp-data:ftp
> ACCEPT tcp -- anywhere anywhere tcp dpt:http
> ACCEPT udp -- anywhere anywhere udp dpt:http
> ACCEPT tcp -- anywhere anywhere tcp dptop3
> ACCEPT udp -- anywhere anywhere udp dptop3
> ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
> ACCEPT udp -- anywhere anywhere udp dpt:smtp
> ACCEPT tcp -- anywhere anywhere tcp dpt:517
> ACCEPT udp -- anywhere anywhere udp dpt:talk
> ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:ipp
> ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:ipp
> ACCEPT tcp -- anywhere anywhere tcp
> dpt:finger
> ACCEPT udp -- anywhere anywhere udp
> dpt:finger
> ACCEPT tcp -- 192.168.0.0/24 anywhere tcp
> dpts:netbios-ns:netbios-ssn
> ACCEPT udp -- 192.168.0.0/24 anywhere udp
> dpts:netbios-ns:netbios-ssn
> ACCEPT tcp -- 192.168.0.0/24 anywhere tcp
> dpt:microsoft-ds
> ACCEPT udp -- 192.168.0.0/24 anywhere udp
> dpt:microsoft-ds
> ACCEPT tcp -- anywhere anywhere tcp
> dpt:https
> ACCEPT udp -- anywhere anywhere udp
> dpt:https
> ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
> ACCEPT udp -- anywhere anywhere udp dpt:smtp
> ACCEPT tcp -- missy anywhere tcp dpt:ndmp
> ACCEPT udp -- missy anywhere udp dpt:ndmp
> ACCEPT tcp -- anywhere anywhere tcp dpt:dnp
> ACCEPT udp -- anywhere anywhere udp dpt:dnp
> ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:7741
> ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:7741
> ACCEPT tcp -- anywhere anywhere tcp
> dpt:submission
> ACCEPT udp -- anywhere anywhere udp
> dpt:submission
> ACCEPT tcp -- missy anywhere tcp dpt:snmp
> ACCEPT udp -- missy anywhere udp dpt:snmp
> LSI all -- anywhere anywhere
>
> Chain LOG_FILTER (5 references)
> target prot opt source destination
>
> Chain LSI (2 references)
> target prot opt source destination
> LOG_FILTER all -- anywhere anywhere
> LOG tcp -- anywhere anywhere tcp
> flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix
> `Inbound '
> DROP tcp -- anywhere anywhere tcp
> flags:FIN,SYN,RST,ACK/SYN
> LOG tcp -- anywhere anywhere tcp
> flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix
> `Inbound '
> DROP tcp -- anywhere anywhere tcp
> flags:FIN,SYN,RST,ACK/RST
> LOG icmp -- anywhere anywhere icmp echo-
> request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
> DROP icmp -- anywhere anywhere icmp echo-
> request
> LOG all -- anywhere anywhere limit: avg
> 5/sec burst 5 LOG level info prefix `Inbound '
> DROP all -- anywhere anywhere
>
> Chain LSO (0 references)
> target prot opt source destination
> LOG_FILTER all -- anywhere anywhere
> LOG all -- anywhere anywhere limit: avg
> 5/sec burst 5 LOG level info prefix `Outbound '
> REJECT all -- anywhere anywhere reject-with
> icmp-port-unreachable
>
> Chain OUTBOUND (3 references)
> target prot opt source destination
> ACCEPT icmp -- anywhere anywhere
> ACCEPT tcp -- anywhere anywhere state
> RELATED,ESTABLISHED
> ACCEPT udp -- anywhere anywhere state
> RELATED,ESTABLISHED
> ACCEPT all -- anywhere anywhere
> [root@ohmster ~]#
>
> --
> ~Ohmster
> ohmster at ohmster dot com
> Put "messageforohmster" in message body
> (That is Message Body, not Subject!)
> to pass my spam filter.

Daniel Huang schreef:
> Thank you all for the response. The configuration is as following:
>
> ISP: Fix IP DSL Line connected to DSL modem with DHCP capability
> Lan: 12 Port switch uplinked to DSL modem
> XP/Linux: All using wired 10/100M ethernet connection to this 12 Port switch
>
> So when every the ISP is offline or I unplug the DSL phone line, the Linux
> samba share couldn't be accessable by the 2 windows XP boxes. Once the ISP
> is back on line the Samba on linux is ok.
>
> During the DSL ISP outage, The samba access was fine before I restarted my
> XP computers, but the samba problem occurred after i restarted the XP boxes.
> Though I can still ping the Linux samba box from the two XP clients
>
> I googled around and seems quite some people have same problem, and it seems
> to be the DNS related problem when the DSL connection is off line. And samba
> seems to use DSL's DNS server for address resolving.
>
> I just enabled the Wins support on this Linux box, will give it another try
> by unplug the DSL phone line.
>
> Any other suggestions ?
>
> Thanks
>
Maybe you should using static ip for each machine and turn off DHCP

On Thu, 28 Jun 2007 11:51:13 -0400, Daniel Huang wrote:

> I googled around and seems quite some people have same problem, and it
> seems to be the DNS related problem when the DSL connection is off line.
> And samba seems to use DSL's DNS server for address resolving.

Simple enough to test... either connect the share by IP address rather
than URL or add the systems to each others hosts files. If you no longer
have the issue then it probably is a DNS issue. If not something else is
going on.

the simplest test is to comment out two DNS entries in /etc/resolv.conf on
the Linux box with samba share, both XP will have samba connection problems.

But if I add the hosts entry in /etc/hosts on Linux box, the samba will be
accessible by both XP boxes.

"Ivan Marsh" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> On Thu, 28 Jun 2007 11:51:13 -0400, Daniel Huang wrote:
>
>> I googled around and seems quite some people have same problem, and it
>> seems to be the DNS related problem when the DSL connection is off line.
>> And samba seems to use DSL's DNS server for address resolving.
>
> Simple enough to test... either connect the share by IP address rather
> than URL or add the systems to each others hosts files. If you no longer
> have the issue then it probably is a DNS issue. If not something else is
> going on.

I enable the wins support on Linux box, raised the OS level > 32 and change
"name resolve order" to " wins lmhosts bcast"

This seemed to force samba to use Wins instead of DNS on address resolving.

Now the samba access is fine without DNS entry on Linux from two XP boxes on
the same subnet.

"Daniel Huang" <(E-Mail Removed)> wrote in message
news:f61nqc$b85c$(E-Mail Removed)...
> the simplest test is to comment out two DNS entries in /etc/resolv.conf on
> the Linux box with samba share, both XP will have samba connection
> problems.
>
> But if I add the hosts entry in /etc/hosts on Linux box, the samba will be
> accessible by both XP boxes.
>
> "Ivan Marsh" <(E-Mail Removed)> wrote in message
> news(E-Mail Removed)...
>> On Thu, 28 Jun 2007 11:51:13 -0400, Daniel Huang wrote:
>>
>>> I googled around and seems quite some people have same problem, and it
>>> seems to be the DNS related problem when the DSL connection is off line.
>>> And samba seems to use DSL's DNS server for address resolving.
>>
>> Simple enough to test... either connect the share by IP address rather
>> than URL or add the systems to each others hosts files. If you no longer
>> have the issue then it probably is a DNS issue. If not something else is
>> going on.
>