Skip to main content.

2001-Feb-15

[debian] Heather's Windows machine was sending a bunch of simultaneous queries. (And inetd has to temporarily shutdown this service.)

/var/log/daemon.log: 

Feb 15 06:34:50 pilchuck nmbd[5943]: connect from 192.168.0.3
Feb 15 06:34:50 pilchuck inetd[15890]: /usr/sbin/tcpd: exit status 0x1
Feb 15 06:34:50 pilchuck inetd[15890]: netbios-ns/udp server failing (looping),
service terminated
/var/log/nmb: 
[2001/02/14 06:34:55, 0] lib/pidfile.c:pidfile_create(86)
ERROR: nmbd is already running. File /var/samba/nmbd.pid exists and process id
624 is running.
It is not started as a daemon via the rc.d scripts. It is started via inetd. I think this problem may have been a carry-over since I upgraded a couple weeks ago. nmbd was probably running then. I killed all of them and stop (and restarted) inetd. (Maybe fixed now?) It started again when I restarted inetd. So I guess I must "killall nmbd" before I ever restart inetd. Not good. I changed it to standalone (by editing /etc/inetd.conf and /etc/samba/debian_config).

On a different note: /var/log/{smb,nmb} are not being rotated. So I saw that /etc/cron.weekly/samba rotate old logs. I changed the smb.conf to "max log size = 100" (in K). (It was set to automatically rotate at 1MB.) *I'll wait to see if it rotates it.

Also did a web-based port scan and it said pilchuck is running netbios. The nmb log also says it is listening on subnet 63.145.197.178. It should only be listening to internal IPs. Read smb.conf(5) and used "socket address = 192.168.0.1". Then I received: 

Feb 15 14:40:43 pilchuck nmbd[9439]: refused connect from pilchuck.reedmedia.net
So I added "bind interfaces only = True"; I am not sure why. I have a feeling that connections are still being started by pilchuck, but I don't know how to stop them.

Also, I want to run lpd with tcp_wrappers support, so I am looking for a way. Some lpd's have a "-i" switch so it can run via inetd. I was told on the debian-isp list to just put it in inetd.conf. So I stopped lpd, added lpd to my /etc/hosts.allow, disabled it form starting in /etc/init.d/lpd and restarted inetd. My remote lpq says "waiting for pilchuck to come up". My server's lpr.log says: 

Feb 15 15:36:50 pilchuck lpd[9780]: bind: Address already in use
Feb 15 15:36:50 pilchuck lpd[9780]: exiting
So it looks like inetd is spawning lpd; the new lpd is trying to bind but inetd already did. I reverted back to daemon (standalone). * Maybe I'll find an alternative; maybe I'll add libwrap support; maybe I'll add support to run via inetd.