Samba broken in Kong's 23325?

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page 1, 2  Next
Author Message
Eugr
DD-WRT Novice


Joined: 09 Jan 2014
Posts: 42
Location: United States

PostPosted: Tue Jan 14, 2014 5:17    Post subject: Samba broken in Kong's 23325? Reply with quote
Tried 23325 build today and I was getting timeout errors when trying to connect to Samba... Looks like some firewall rules are missing... On the bright side, FTP speeds seemed to be faster. Reverted back to 23320 for the time being.
Sponsor
Gameman Advanced Kid
DD-WRT Guru


Joined: 18 Nov 2012
Posts: 1170

PostPosted: Tue Jan 14, 2014 6:55    Post subject: Reply with quote
im using samba and its working fine in 23325 on my R6250.

how did you set it up? maybe i can try to create the problem myself?

_________________
For people who are new to the dd-wrt forums >> http://www.catb.org/~esr/faqs/smart-questions.html#rtfm

barryware wrote:
It takes a "community" to raise a router..


Internet Connection 1
Some Techicolor modem > Linksys WRT3200ACM

Internet connection 2
Ubiquiti Powerbeam Gen 2 > Netgear R9000

Official (but not really) dd-wrt General Discussion element/matrix chat

https://matrix.to/#/#dd-wrt-private-non-offical:matrix.org
Eugr
DD-WRT Novice


Joined: 09 Jan 2014
Posts: 42
Location: United States

PostPosted: Tue Jan 14, 2014 7:09    Post subject: Reply with quote
Gameman Advanced Kid wrote:
im using samba and its working fine in 23325 on my R6250.

how did you set it up? maybe i can try to create the problem myself?


Hmm... Maybe it's specific to R7000?

Nothing special in the configuration. USB storage is enabled with automount, Samba enabled, all defaults, workgroup is set to WORKGROUP, one share added, one user added with read/write access to the share.

Tried to connect from my computer - connection timeout. smbd/nmbd were running on the router.

I tried to preserve config from 23320, then reset to defaults, but to no avail.

The same configuration works well with my 23320 build.

I didn't have time to troubleshoot more - needed my router up and running. If no one else has this problem, I'll try to investigate further in the next few days.

BTW, do you see any performance boost in 23325 related to Samba?
Gameman Advanced Kid
DD-WRT Guru


Joined: 18 Nov 2012
Posts: 1170

PostPosted: Tue Jan 14, 2014 13:55    Post subject: Reply with quote
i see the boost. works great! as for you, do a 30/30/30 reset so you can set everything from scratch. i did the same to my router and it helped quite a bit.
_________________
For people who are new to the dd-wrt forums >> http://www.catb.org/~esr/faqs/smart-questions.html#rtfm

barryware wrote:
It takes a "community" to raise a router..


Internet Connection 1
Some Techicolor modem > Linksys WRT3200ACM

Internet connection 2
Ubiquiti Powerbeam Gen 2 > Netgear R9000

Official (but not really) dd-wrt General Discussion element/matrix chat

https://matrix.to/#/#dd-wrt-private-non-offical:matrix.org
Eugr
DD-WRT Novice


Joined: 09 Jan 2014
Posts: 42
Location: United States

PostPosted: Tue Jan 14, 2014 15:11    Post subject: Reply with quote
Gameman Advanced Kid wrote:
i see the boost. works great! as for you, do a 30/30/30 reset so you can set everything from scratch. i did the same to my router and it helped quite a bit.


I didn't do 30-30-30, but I did reset it via webgui. Is there any difference between doing 30-30-30 and "reset to factory defaults" in webgui? I thought it doesn't matter anymore...
<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany

PostPosted: Wed Jan 15, 2014 0:24    Post subject: Reply with quote
Eugr wrote:
Gameman Advanced Kid wrote:
i see the boost. works great! as for you, do a 30/30/30 reset so you can set everything from scratch. i did the same to my router and it helped quite a bit.


I didn't do 30-30-30, but I did reset it via webgui. Is there any difference between doing 30-30-30 and "reset to factory defaults" in webgui? I thought it doesn't matter anymore...


If you can give some debug info we might see if there is a problem, since with my config it works on two routers and when I did the throughput testing with the changes I copied about 500GB to 3 different drives from two different PCs Linux/Windows.
And I just did 2 little changes for samba, removing a tuning option in order to use sambas default which are better and add firewall rules to remove samba traffic from connection tracking.

Thus if you can get me the following info to see if the basics are there, run each command in a ssh or telnet session to the router:

ps | grep smb

ifconfig

cat /tmp/smb.conf

Also let me know how you access samba by name or ip e.g.:

\\routerip\share

or

\\routername\share

_________________
KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
Eugr
DD-WRT Novice


Joined: 09 Jan 2014
Posts: 42
Location: United States

PostPosted: Wed Jan 15, 2014 0:49    Post subject: Reply with quote
<Kong> wrote:

If you can give some debug info we might see if there is a problem, since with my config it works on two routers and when I did the throughput testing with the changes I copied about 500GB to 3 different drives from two different PCs Linux/Windows.
And I just did 2 little changes for samba, removing a tuning option in order to use sambas default which are better and add firewall rules to remove samba traffic from connection tracking.

Thus if you can get me the following info to see if the basics are there, run each command in a ssh or telnet session to the router:

ps | grep smb

ifconfig

cat /tmp/smb.conf

Also let me know how you access samba by name or ip e.g.:

\\routerip\share

or

\\routername\share


I'm currently running 23020, but I'll try to do a quick test this evening. All I can say is that smbd and nmbd processes were running, and I could access the files via FTP connection.

As for accessing the share, I usually use an IP address, but router name resolves fine too.
<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany

PostPosted: Wed Jan 15, 2014 1:26    Post subject: Reply with quote
Eugr wrote:
<Kong> wrote:

If you can give some debug info we might see if there is a problem, since with my config it works on two routers and when I did the throughput testing with the changes I copied about 500GB to 3 different drives from two different PCs Linux/Windows.
And I just did 2 little changes for samba, removing a tuning option in order to use sambas default which are better and add firewall rules to remove samba traffic from connection tracking.

Thus if you can get me the following info to see if the basics are there, run each command in a ssh or telnet session to the router:

ps | grep smb

ifconfig

cat /tmp/smb.conf

Also let me know how you access samba by name or ip e.g.:

\\routerip\share

or

\\routername\share


I'm currently running 23020, but I'll try to do a quick test this evening. All I can say is that smbd and nmbd processes were running, and I could access the files via FTP connection.

As for accessing the share, I usually use an IP address, but router name resolves fine too.


And you are not accessing it from another bridge?

_________________
KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
Eugr
DD-WRT Novice


Joined: 09 Jan 2014
Posts: 42
Location: United States

PostPosted: Wed Jan 15, 2014 2:05    Post subject: Reply with quote
<Kong> wrote:

And you are not accessing it from another bridge?


Nope. I have very basic network config - a single LAN subnet, no fancy VLANs, no guest networks, no custom firewall rules. I do have QoS enabled, but that's on WAN interface only. I'm accessing shares from my internal network - via both wired and wireless connections.
d_stayus
DD-WRT Novice


Joined: 15 Jan 2014
Posts: 1

PostPosted: Wed Jan 15, 2014 2:08    Post subject: Reply with quote
I seem to be having the exact same problem. I just got my R7000 today and installed DD-WRT. I initially flashed r23325 and could not get samba to work, the share would not show up no matter how i tried to access it. I flashed back to r23320 and using the same settings, the share showed up immediately.

I will flash to 23325 again tomorrow and collect some logs and share them here.
jimfree
DD-WRT User


Joined: 26 Apr 2011
Posts: 202
Location: Sacramento CA

PostPosted: Wed Jan 15, 2014 3:11    Post subject: R6300v2 Reply with quote
Since I'm having the same problem and nobody has provided the requested information kong has asked for...here it is. Everything looks OK to me in the config files but neither my Desktop, Laptop nor Android device can see the shares. I have tried using the ip address and the name, neither work. Did the webif reset but not the 30-30-30. Should probably also mention the router does not show up when "browsing the network".

Edit: Pulled a series of SAMBA related from /var/log/messages and added attachment of same. Don't know if these will help or not. Dang, 3 attachment limit, just included it with PS info instead.



pssmb.txt
 Description:

Download
 Filename:  pssmb.txt
 Filesize:  1.27 KB
 Downloaded:  545 Time(s)


smbconf.txt
 Description:

Download
 Filename:  smbconf.txt
 Filesize:  938 Bytes
 Downloaded:  451 Time(s)


ifconfig.txt
 Description:

Download
 Filename:  ifconfig.txt
 Filesize:  2.95 KB
 Downloaded:  608 Time(s)

Eugr
DD-WRT Novice


Joined: 09 Jan 2014
Posts: 42
Location: United States

PostPosted: Wed Jan 15, 2014 7:51    Post subject: Reply with quote
OK, here are my values. I flashed 23325 with "reset to default" option checked, and did just basic wireless security setup + enable USB and Samba.

See attached file with requested output + iptables output.

Looks like it's related to firewall misconfiguration.
After I added a few rules manually, Samba started working:

root@DD-WRT:~# iptables -I INPUT -j ACCEPT -p tcp --dport 137 -s 192.168.1.0/24
root@DD-WRT:~# iptables -I INPUT -j ACCEPT -p tcp --dport 138 -s 192.168.1.0/24
root@DD-WRT:~# iptables -I INPUT -j ACCEPT -p tcp --dport 139 -s 192.168.1.0/24
root@DD-WRT:~# iptables -I INPUT -j ACCEPT -p udp --dport 139 -s 192.168.1.0/24
root@DD-WRT:~# iptables -I INPUT -j ACCEPT -p udp --dport 138 -s 192.168.1.0/24
root@DD-WRT:~# iptables -I INPUT -j ACCEPT -p udp --dport 137 -s 192.168.1.0/24

I probably missed a few rules, because it took too long to discover the shares. However, the file transfer itself worked faster than before and I got 20 MB/s vs. 16 MB/s on 23320.

I rolled back to 23320 for now...

UPD: looking at the rules, maybe what screws it up is deprecated NOTRACK rule (see dmesg output)



eugr_output.txt
 Description:

Download
 Filename:  eugr_output.txt
 Filesize:  13.14 KB
 Downloaded:  1083 Time(s)

<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany

PostPosted: Wed Jan 15, 2014 9:54    Post subject: Reply with quote
OK, I can reproduce it now. I did reset setup basics and suddenly not working anymore and I see one rule is missing now, have to check what feature activates this rule.
_________________
KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany

PostPosted: Wed Jan 15, 2014 10:35    Post subject: Reply with quote
OK, removed the NOTRACK shit, this does not work well for every configs and most likely has no influence on network share speed with our current firewall ruleset.
_________________
KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
jimfree
DD-WRT User


Joined: 26 Apr 2011
Posts: 202
Location: Sacramento CA

PostPosted: Thu Jan 16, 2014 5:27    Post subject: Reply with quote
I'm glad someone knows what they are doing. It sure isn't me! Thanks Kong, where would we be without you?
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum