Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Community User
Community User Author

How to disable netbios on Mac OS X?

When I connect a share from a server with Mac OS X clients, i.e. with Finder and -K or mount_smbfs, these things make the connection to the port 139, which is deprecated (netbios -port). All modern Samba implementations use the port 445 instead. Even if I instruct mount_smbfs not to use netbios with mount_smbfs -I server.ip.address //server.ip.address/share, it STILL uses netbios ports to make the connection! This seems like a serious bug to me.

Now, as our network policy forbids using netbios and firewalls block this protocol, Apples simply do not work in this environment.

Question: how to force the samba -related clients to use port 445 and forget about 137/139 once and for all? I have not found any hints anywhere, how to do this.

The only client, that respects /etc/smb.conf is smbclient, and suprise, surprise, that one works flawlessly and does use port 445, when told so. But, all the other samba-clients don't read smb.conf at all and don't have any configuration options anywhere - or do they?

Arno

G5 Dual 2.0 GHz, Mac OS X (10.4.8)

Posted on Nov 8, 2006 5:15 AM

Reply
9 replies
User profile for user: Rick Van Vliet
Rick Van Vliet
User level: Level 5
6,372 points

Nov 8, 2006 5:56 AM in response to Community User

This is only a comment, not the answer to your question, however:

SMB.conf file is used to configure the server end of samba, not necessarily the client.

Our question to you might be: what kind of server are you connecting to via SMB?
Linux? UNIX? OSX-server? Windows?
(if Windows, what version of server software, please)

(something to try: do your cmd+K connect to...
and when you enter the servername/IPaddress, end it with ":445)
like:
SMB://[Server_IP]/[Share]:445

Is that what you are trying?
Reply
User profile for user: Community User
Community User Author

Nov 8, 2006 6:23 AM in response to Rick Van Vliet

SMB.conf file is used to configure the server end of
samba, not necessarily the client.


I am aware of this, however, smb.conf was the only samba-related configuratin file I found. As smbclient turned out to actually use it, I hoped it would influence the other samba-clients as well - it does not.

Our question to you might be: what kind of server are
you connecting to via SMB?
Linux? UNIX? OSX-server? Windows?


All of them, makes no difference really. All work flawlessly, if I connect from Windows or from Linux, but none works, if I connect from Mac OS X.

(if Windows, what version of server software,
please)


Windows 2003 Server.

and when you enter the servername/IPaddress, end it
with ":445)


I'll try this. So far, I put the :445 at the end of the server name - it had no influence: SMB://[Server_IP]:445/[Share]. Also, putting it to the end has no effect. It still tries to port 139.

like:
SMB://[Server_IP]/[Share]:445

Is that what you are trying?


Yes, this exactly - and the same in Finder. The above just does not work, mount_smbfs stubbornly tries to connect to the port 139 and so does Finder.

Arno
Reply
User profile for user: Community User
Community User Author

Nov 8, 2006 1:24 PM in response to BDAqua

Hey, I just found a possible option...

In Sharing>Firewall>New... , click on Port Name drop
down, and there's an SMB (without NetBios) option! 🙂


This only affects incoming connections, so no avail. I will try this with Mac OS X as the client, that one allows tweaking the rules more accurately. I'll let you know...

Arno
Reply
User profile for user: Community User
Community User Author

Nov 8, 2006 1:47 PM in response to BDAqua

There might be some clues here...
http://www.mactech.com/articles/mactech/Vol.21/21.02/S
ecurity/index.html


This is actually a nice link for all sorts of other stuff, but did not help much in this case.

Near the bottom, search for "Manual firewall
configuration", then "Kernel Twaeking", (yes, it's
misspelled).


Now, I have tried this as well with Mac OS X Server as the client allowing much more flexibility to the firewall rules without the need to resort to manual tweaking. Result: mount_smbfs hangs and gets a timeout after a while. This is obvious, as I have now closed the port 139 to both ways - so, no answer -> timeout.

Bottom line: mount_smbfs does not work on the kernel level, so tweaking the kernel does not help much here. There should simply be some way to instruct mount_smbfs to use the port 445 and then everything would work.

Arno
Reply
User profile for user: Community User
Community User Author

Nov 9, 2006 4:00 AM in response to Community User

Bottom line: mount_smbfs does not work on the kernel
level, so tweaking the kernel does not help much
here. There should simply be some way to instruct
mount_smbfs to use the port 445 and then everything
would work.


Wait, wait! I just discovered running this command loads a kernel extension - so it is indeed kernel-related. Firewall settings do not work, so maybe there is some kernel variable to set the samba port? Not in the documentation, though...

Arno
Reply
User profile for user: Community User
Community User Author

Nov 9, 2006 12:20 PM in response to Community User

kernel-related. Firewall settings do not work, so
maybe there is some kernel variable to set the samba
port? Not in the documentation, though...


This looks very bad, from the Darwin 8.8 kernel source tree:


/*
* Common definintions and structures for SMB/CIFS protocol
*/

#ifndef NETSMB_SMB_H
#define NETSMB_SMB_H

#ifndef PRIVSYM
#define PRIVSYM _private_extern_
#endif

#define SMB TCPPORT 139

/*
* SMB dialects that we have to deal with.
*/

which indicates the port 139 has been hard coded. D*mn it...

Arno
Reply

How to disable netbios on Mac OS X?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up