Bug 3500 - nmbd binds to all interfaces even with "bind interfaces only = yes"
nmbd binds to all interfaces even with "bind interfaces only = yes"
Product: Samba 3.0
Classification: Unclassified
Component: nmbd
x86 FreeBSD
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2006-02-11 17:31 UTC by yoitsmeremember
Modified: 2009-01-25 12:43 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description yoitsmeremember 2006-02-11 17:31:50 UTC
I have Samba 3.0.21b compiled from source on FreeBSD 6.1-Beta, with the following options in the global configuration (taken almost strait from the FAQ on securing samba):

interfaces = dc0
bind interfaces only = yes

dc0 is one of the two ethernet adapters on my machine.

However, when running nmbd, I see the following with netstat ( is the address assigned to dc0):

udp4       0      0 *.*
udp4       0      0 *.*
udp4       0      0  *.netbios-dgm          *.*
udp4       0      0  *.netbios-ns           *.*

smbd (correctly) only binds to (dc0), thus this appears to be a bug in nmbd only.
Comment 1 Jeremy Allison 2006-02-11 19:03:35 UTC
This is by design.
Comment 2 yoitsmeremember 2006-02-11 20:09:05 UTC
(In reply to comment #1)
> This is by design.
> Jeremy.

May I ask why?  I see no reason to be listening on *, especially since anything coming in on the other interface on those ports is, in my case, blocked by the firewall.  I don't know about other people's situations, but it seems to me that if you're going to restrict to an interface (or interfaces), it should do it on both nmbd and smbd.
Comment 3 Gerald (Jerry) Carter 2006-02-19 06:49:41 UTC
Jeremy's right.  This is by design.  You can however is the 
current SAMBA_3_0 use the 'socket address' option to restrict 
this IIRC.
Comment 4 Debian samba package maintainers (PUBLIC MAILING LIST) 2009-01-25 12:41:32 UTC
This bug should really be closed: "socket address" does the job
Comment 5 Volker Lendecke 2009-01-25 12:43:54 UTC