Samba server on pfSense 2.0.2
-
well the quide is quite good it works just as i wanted with some optimizations.
the problem is that after every restart of pfsense samba is not starting as it should.
after a restart giving "service samba status"
i get```
nmbd is not running.
smbd is not running.
winbindd is not running.if i try this "service winbindd start"
winbindd does not exist in /etc/rc.d or the local startup
directories (/usr/local/etc/rc.d)this is my: /etc/rc.conf.local
samba_enable="YES"
nmbd_enable="YES"
smbd_enable="YES"
winbindd_enable="YES"if i reinstall everything , it works!!!, until the next restart :( any ideas ?
-
For me its working with this modification and after reboot samba is working as expected.
cp /usr/local/etc/rc.d/samba /usr/local/etc/rc.d/samba.sh
Forgot to mention u can start/stop samba without making the modification with:
/usr/local/etc/rc.d/samba onestart
/usr/local/etc/rc.d/samba onestopWith those commands maybe u can make an cron job to allow users to share with samba at any time u want :D
Best regards
P.S. Sorry for my english, is not my native language
-
Registered just to reply to this thread (and probably others in the future).
The problem I got with this Samba package is that it's trying to put the PID files into a folder in /var/run that doesn't exist (apparently /var/run is cleaned on reboot) and it doesn't have the foresight to create said folder again. The fix is simple, create that folder automatically during boot before Samba starts. edit: or you can just edit the startup script so that the PID files are created in a valid location.
The easiest way I found to do it is to edit the xml config file (/cf/conf/config.xml) and add "<shellcmd>mkdir /var/run/samba</shellcmd>" at the end of the system section so it becomes something like this :
…
<dnsallowoverride><shellcmd>mkdir /var/run/samba</shellcmd><interfaces>...</interfaces></dnsallowoverride>
You might also need to copy the samba run script to samba.sh as suggested by ghostdust for Samba to start automatically.
cp /usr/local/etc/rc.d/samba /usr/local/etc/rc.d/samba.sh
After this everything should work fine, at least it did so on my test machine.
-
-
<shellcmd>mkdir /var/run/samba</shellcmd>
-
cp /usr/local/etc/rc.d/samba /usr/local/etc/rc.d/samba.sh
After this everything should work fine, at least it did so on my test machine.
Just tested this , and i can confirm that it is working like a charm even after a restart.
I want to thank both Haxdal & ghostdust. -
-
I know this is pretty old post,
but would love to have a samba or ftp package on my pfbox,
my current hardware is simply overkill for a firewall.
-
@hongkonger:
I know this is pretty old post,
but would love to have a samba or ftp package on my pfbox,
my current hardware is simply overkill for a firewall.
Well the guide is pretty straight forward about samba server.
Read the guide and the troubleshooting below.
Here to help with ;) -
Instructions for pfsense 2.2.2-RELEASE (FreeBSD 10.1) with regards to the original steps
run these commands:
pkg
pkg install net/samba42Note 1: samba4.3 released on september 8th, you may be able to install this in future with pkg install net/samba43
Note 2: this has a bunch of dependencies which pkg will need to add automatically, potential security issuesCreate /etc/rc.conf with this (rc.conf.local no longer required):
samba_server_enable="YES"Primary conf file name changed:
cat /usr/local/etc/smb4.conf
[global]
server string = pfSense
interfaces = em0, lo
bind interfaces only = Yes
guest account = root
os level = 39
preferred master = Yes
usershare allow guests = Yes
idmap config * : backend = tdb[Public]
comment = Huh?
path = /home/
read only = No
guest ok = YesNote 3: keep an eye on the interface only section, replace yours their and change the path as needed.
Providing god doesn't hate you:
/usr/local/etc/rc.d/samba_server start
Performing sanity check on Samba configuration: OK
Starting nmbd.
Starting smbd.Note 4: Conf file help: (on a linux system) run testparm <your conf="" file="">. This outputted a better formatted conf file that worked on freebsd.
Also make sure you bind your interfaces right, you probably don't want this on the internet (maybe you do?)
netstat -na | grep 445
tcp4 0 0 192.168.1.1.445 . LISTEN
netstat -na | grep 137
udp4 0 0 192.168.1.255.137 .
udp4 0 0 192.168.1.1.137 .
udp4 0 0 *.137 .General help:
http://wiki.samba.org/index.php/Samba4/HOWTOHere's a FreeBSD gpart cheat sheet for those who are lazy and normally use gparted on linux like me:
https://forums.freebsd.org/threads/gpart-cheatsheet-wiping-drives-partitioning-formating.45411/
mount /dev/da0p1 backup/Hope this helps others, feel free to comment if things i've placed here should be done differently.</your>
-
Hope this helps others,
Only to get open or damage their firewall. SAMBA on WAN connected devices are a huge security risk
and that not only based on BSD or Linux. Even!feel free to comment if things i've placed here should be done differently.
A SAMBA server has nothing to search on a firewall, router, gateway or any other device
connected to the WAN interface directly. -
@BlueKobold:
Hope this helps others,
Only to get open or damage their firewall. SAMBA on WAN connected devices are a huge security risk
and that not only based on BSD or Linux. Even!feel free to comment if things i've placed here should be done differently.
A SAMBA server has nothing to search on a firewall, router, gateway or any other device
connected to the WAN interface directly.I think these points, as valid as they are, are covered extensively in this and especially other places on the pfsense forum. the only place where someone likely would risk this is a home environment where the security risks from hacked cell phones or infected windows PCs probably outweighs smbd on pfsense by a couple orders of magnitude.
for me, I have a USB external HDD that needs to be connected to a PC or other device, and that device needs to stay on 24x7 for constant remote file access. I try to limit the kilowatt hours of electricity usage as much as possible so that is my main motivation instead of connecting it to a PC and leaving that on (pfsense runs on an old laptop at my home). buying a external HDD enclosure that has ethernet and it's own smbd running is not free either so this is a good free alternative with the implied security risk, to an environment which contains a limited amount of sensitive information.
-
I love it how people justify garbage setups because of minuscule costs..
So you could pickup a pogo plug (tiny computer) for under $20 uses like zero power. You could pickup a pi again for under $35 for sure.. You could get the latest and greatest pi 2 b+ kit with SD card, etc.. for $55 uses like nothing for power..
pogo you can run arch linux on, has usb 2, usb 3 and even 1 USM/SATA Slot
http://www.amazon.com/Pogoplug-Series-4-Backup-Device/dp/B006I5MKZYSo your setting up something that clearly is unsupported because its a power saving issue, or cost of running a new piece of hardware? That you can get for pennies? Clearly you paying for internet, have a laptop, and most likley multiple pcs? Since you mention old PC buty don't want to leave it on because of power.
But you can not afford $20 to have a new toy to play with!!! And also provide your samba sharing server…