So I copied smb.conf from /tmp/smb.conf to /jffs/etc/smb.conf and added those lines. But with this, I can not even access the samba share from within my home network anymore, so I deleted /jffs/etc/smb.conf again.
I never thought that accessing an SMB share from the VPN would be so difficult, also because it worked with my previus firmware (AsusWRT).
Thanks for your support
Network
Router: 192.168.1.1
Homenetwork: 192.168.1.0/24
OpenVPN server running on 192.168.1.1
Samba Server running on 192.168.1.1
OpenVPN Client network: 10.8.0.0
OpenVPN client software for Android and Linux
Routers NAS not reachable on newer builds with ksmbd
When you want to access the routers NAS via internet with an app like andSMB it appears you have
to change the hosts allow in tmp/smb.conf to include the VPN subnet (10.8.0.0/24): hosts allow =
10.8.0.0/24.
You can copy tmp/smb.conf to /jffs/etc/ if you have permanent/usb storage so that it will be read
from there (since build 42693).
It would be interesting, if anyone else has the same problem. If so, it looks like a bug. If not it is a configuration issue.
Has anyone else the same problem?
If so, I would suggest to open a bug report.
For you Troubleshooting guide:
funny you, adding the issue to your guide, after I posted the issue with what I found as soltuion - and than quoting your guide as a solution
But sure, I the guide is helpful for enyone else, in case it is not a bug.
As stated in the first post, I do not use Google, so I do not google, I startpage
Joke aside, I already found those posts via the forum search earlier. No worries, I do not doubt your experience and expertise. It was just curious for me to see your quote for a soltution that I already stated does not work
As I said, it is not about the configuration, because it does not work as expected
It would be interesting, if anyone else has the same problem. If so, it looks like a bug. If not it is a configuration issue.
Has anyone else the same problem?
If so, I would suggest to open a bug report.
For you Troubleshooting guide:
funny you, adding the issue to your guide, after I posted the issue with what I found as soltuion - and than quoting your guide as a solution
But sure, I the guide is helpful for enyone else, in case it is not a bug.
Thanks for your reply
I also have problems reaching smb through a Wireguard tunnel. Simply doesn't work. Have tried with both Mac and Window clients. Smb at the router has the 'allow hosts' line but no success. Access to a Synology NAS (also smb) works fine. _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Will try to add ”interfaces” and see how that turns out. Thanks for the pointer.
EDIT: Tried adding the interfaces line, broke samba in my case. _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
As stated in the first post, this breaks SMB completely. It may work for non kernel based SMB, but with the current dd-wrt releases this is standard. So far it looks like this is a bug of dd-wrt and needs to be fixed.
Joined: 18 Mar 2014 Posts: 12834 Location: Netherlands
Posted: Fri May 15, 2020 14:21 Post subject:
Routers NAS not reachable on newer builds with ksmbd
When you want to access the routers NAS via internet with an app like andSMB it appears you have to change the hosts allow in tmp/smb.conf to include the VPN subnet (10.8.0.0/24):
hosts allow = 10.8.0.0/24 (some say to also include the local host 127.0.0.1)
And add the interface of the VPN:
interfaces = br0, tun2 ( maybe also WAN interface eth0 or vlan2, those seem to be running by default (see ps))
You can copy tmp/smb.conf and smb.db to /jffs/etc/ if you have permanent/usb storage so that it will be read from there (since build 42693).
Use stopservice samba3, startservice samba3, to stop and start.
Routers NAS not reachable on newer builds with ksmbd
When you want to access the routers NAS via internet with an app like andSMB it appears you have to change the hosts allow in tmp/smb.conf to include the VPN subnet (10.8.0.0/24):
hosts allow = 10.8.0.0/24 (some say to also include the local host 127.0.0.1)
And add the interface of the VPN:
interfaces = br0, tun2 ( maybe also WAN interface eth0 or vlan2, those seem to be running by default (see ps))
You can copy tmp/smb.conf and smb.db to /jffs/etc/ if you have permanent/usb storage so that it will be read from there (since build 42693).
Use stopservice samba3, startservice samba3, to stop and start.
I got it working with andSMB but I had to choose SMB v1 in andSMB.
Are you using the built-in samba or a custom one from Entware?
I'll try to add the VPN subnet in the 'hosts allow' statement and see if it helps.
I tried to add the 'interfaces=bro eot1' to my Wireguard setup but that crashed samba _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Joined: 18 Mar 2014 Posts: 12834 Location: Netherlands
Posted: Sat May 16, 2020 7:38 Post subject:
wabe wrote:
egc wrote:
Routers NAS not reachable on newer builds with ksmbd
When you want to access the routers NAS via internet with an app like andSMB it appears you have to change the hosts allow in tmp/smb.conf to include the VPN subnet (10.8.0.0/24):
hosts allow = 10.8.0.0/24 (some say to also include the local host 127.0.0.1)
And add the interface of the VPN:
interfaces = br0, tun2 ( maybe also WAN interface eth0 or vlan2, those seem to be running by default (see ps))
You can copy tmp/smb.conf and smb.db to /jffs/etc/ if you have permanent/usb storage so that it will be read from there (since build 42693).
Use stopservice samba3, startservice samba3, to stop and start.
I got it working with andSMB but I had to choose SMB v1 in andSMB.
Are you using the built-in samba or a custom one from Entware?
I'll try to add the VPN subnet in the 'hosts allow' statement and see if it helps.
I tried to add the 'interfaces=bro eot1' to my Wireguard setup but that crashed samba
I am using a build with the in kernel samba so basically what DDWRT is using in the recent builds.
I have copied the smb.conf and smb.db to /jffs/etc and it those are used ( I was afraid the USB stick would boot to slowly but it seems to work, otherwise add this to startup:
sleep 20 && stopservice samba3 && startservice samba3
This is my /jffs/etc/smb.conf (using WireGuard, I use the second tunnel to connect to from outside with my Android phone and andSMB, the first tunnel is with PBR to my VPN provider)
Code:
root@R7800-2:~# cat /jffs/etc/smb.conf
[global]
log level = 1
netbios name = R7800-2
server string = R7800s
syslog = 10
encrypt passwords = true
preferred master = yes
use sendfile = yes
aio read size = 2048
aio write size = 2048
large readwrite = yes
security = user
mangled names = no
max stat cache size = 64
workgroup = home
bind interfaces only = yes
guest account = nobody
map to guest = Bad User
smb passwd file = /var/samba/smbpasswd
private dir = /var/samba
passdb backend = smbpasswd
log file = /var/smbd.log
max log size = 1000
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=262144 SO_RCVBUF=262144
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65536
dead time = 15
getwd cache = yes
lpq cache time = 30
min protocol = SMB2_10
max protocol = SMB3_11
printing = none
load printers = No
usershare allow guests = Yes
smb3 encryption = no
hosts allow = 10.4.0.0/24
interfaces = br0, oet2
[jffs]
comment = jffs
path = /jffs/
read only = no
guest ok = yes
force user = root
[opt]
comment = opt
path = /opt/
read only = no
guest ok = yes