Bonjour, En regardant les fichiers de mon serveur dans /var/log/samba, j'ai constaté que plusieurs fichiers de log étaient présents :
[EMAIL PROTECTED]:/var/log/samba # ls -l -st total 804 0 -rw-r--r-- 1 root root 0 2008-07-24 06:28 log.nmbd 200 -rw-r--r-- 1 root root 196849 2008-07-23 09:47 log.voile 4 -rw-r--r-- 1 root root 311 2008-07-23 09:15 log.nmbd.1.gz 4 -rw-r--r-- 1 root root 1760 2008-07-23 09:14 log.smbd 16 -rw-r--r-- 1 root root 14946 2008-07-22 14:08 log.192.168.0.1 36 -rw-r--r-- 1 root root 34086 2008-07-21 17:24 log.192.168.0.248 8 -rw-r--r-- 1 root root 6707 2008-07-21 14:35 log.luge 40 -rw-r--r-- 1 root root 37906 2008-07-13 15:33 log.192.168.0.229 4 -rw-r--r-- 1 root root 219 2008-07-13 15:14 log.smbd.1.gz 4 -rw-r--r-- 1 root root 331 2008-07-12 20:39 log.smbd.2.gz 4 -rw-r--r-- 1 root root 400 2008-07-11 19:22 log.nmbd.2.gz 64 -rw-r--r-- 1 root root 59086 2008-07-05 16:00 log.192.168.0.4 4 -rw-r--r-- 1 root root 192 2008-06-29 06:28 log.smbd.3.gz 4 -rw-r--r-- 1 root root 335 2008-06-27 16:52 log.smbd.4.gz 4 -rw-r--r-- 1 root root 323 2008-06-22 19:14 log.nmbd.3.gz 4 -rw-r--r-- 1 root root 270 2008-06-17 21:14 log.smbd.5.gz 4 -rw-r--r-- 1 root root 310 2008-06-09 11:49 log.nmbd.4.gz 4 -rw-r--r-- 1 root root 237 2008-06-09 11:43 log.smbd.6.gz 4 -rw-r--r-- 1 root root 331 2008-06-06 20:23 log.nmbd.5.gz 4 -rw-r--r-- 1 root root 348 2008-06-06 20:17 log.smbd.7.gz 40 -rw-r--r-- 1 root root 38362 2008-06-01 21:42 log.75.36.1.250 4 -rw-r--r-- 1 root root 426 2008-05-31 15:28 log.nmbd.6.gz 0 -rw-r--r-- 1 root root 0 2008-05-24 00:38 log.66.136.89.119 0 -rw-r--r-- 1 root root 0 2008-05-23 17:01 log.213.154.72.196 0 -rw-r--r-- 1 root root 0 2008-05-22 17:02 log.168.243.179.36 4 -rw-r--r-- 1 root root 342 2008-05-12 13:52 log.nmbd.7.gz 0 -rw-r--r-- 1 root root 0 2008-04-03 16:10 log.69.66.26.5 0 -rw-r--r-- 1 root root 0 2008-04-01 06:18 log.220.191.255.66 0 -rw-r--r-- 1 root root 0 2008-03-28 01:32 log.85.207.119.248 4 -rw-r--r-- 1 root root 148 2008-03-21 11:52 log.75.154.254.62 voile et luge sont mes clients du réseau 192.168.* Mais les autres... Comment se fait-il que ces fichiers soient générés par Samba sachent que mon script netfilter n'autorise pas l'ouverture des ports Samba ? Samba est normalement invisible et interdit depuis l'extérieur ! Pour info, le contenu de certains logs : [EMAIL PROTECTED]:/var/log/samba # head log.caisse log.75.154.254.62 log.75.36.1.250 ==> log.caisse <== [2008/03/21 11:50:05, 0] lib/util_sock.c:read_data(534) read_data: read failure for 4 bytes to client 193.253.192.206. Error = Connection timed out ==> log.75.154.254.62 <== [2008/03/21 11:52:32, 0] lib/util_sock.c:read_data(534) read_data: read failure for 4 bytes to client 75.154.254.62. Error = Connection timed out ==> log.75.36.1.250 <== [2008/05/31 18:30:49, 0] smbd/service.c:make_connection(1111) 75.36.1.250 (75.36.1.250) couldn't find service admin$ [2008/05/31 18:30:49, 0] smbd/service.c:make_connection(1111) 75.36.1.250 (75.36.1.250) couldn't find service admin$ [2008/05/31 18:30:50, 0] smbd/service.c:make_connection(1111) 75.36.1.250 (75.36.1.250) couldn't find service admin$ [2008/05/31 18:30:50, 0] smbd/service.c:make_connection(1111) 75.36.1.250 (75.36.1.250) couldn't find service admin$ [2008/05/31 18:30:50, 0] smbd/service.c:make_connection(1111) 75.36.1.250 (75.36.1.250) couldn't find service c$ J'ai vérifié mon firewall à l'aide de Shields Up (https://www.grc.com/x/ne.dll?rh1dkyd2) et seuls les ports 80 et 22 sont ouverts. D'où peuvent provenir la génération de ces logs Samba ? -- Michel Grentzinger OpenPGP key ID : B2BAFAFA Available on http://www.keyserver.net -- Lisez la FAQ de la liste avant de poser une question : http://wiki.debian.org/DebFrFrenchLists Vous pouvez aussi ajouter le mot ``spam'' dans vos champs "From" et "Reply-To:" To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]