Stop nmbd (i.e. ports 137/138)

Team,

The output of /etc/config/samba4 says:

# cat /etc/config/samba4

config samba
        option workgroup 'zion'
        option charset 'UTF-8'
        option name 'onion'
        option description 'onion'
        option interface 'loopback lan'
        option workgroup 'zion'
        option description 'GL.iNet Router'
        option disable_netbios '1'
        list additional_smbconf 'server role = standalone server'
        list additional_smbconf 'smb ports = 445'
        list additional_smbconf 'obey pam restrictions = yes'
        list additional_smbconf 'server min protocol = SMB2'

The output of netstat -tulpn says:

# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      9641/AdGuardHome
tcp        0      0 10.10.1.240:22          0.0.0.0:*               LISTEN      5068/dropbear
tcp        0      0 10.10.1.240:88          0.0.0.0:*               LISTEN      9641/AdGuardHome
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      6752/nginx.conf -g
tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      4093/uhttpd
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      14703/smbd
tcp        0      0 127.0.0.1:6060          0.0.0.0:*               LISTEN      9641/AdGuardHome
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      6752/nginx.conf -g
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      4093/uhttpd
tcp        0      0 100.100.1.240:63923     0.0.0.0:*               LISTEN      7584/tailscaled
tcp        0      0 :::53                   :::*                    LISTEN      9641/AdGuardHome
tcp        0      0 :::443                  :::*                    LISTEN      6752/nginx.conf -g
tcp        0      0 :::8443                 :::*                    LISTEN      4093/uhttpd
tcp        0      0 :::445                  :::*                    LISTEN      14703/smbd
tcp        0      0 :::80                   :::*                    LISTEN      6752/nginx.conf -g
tcp        0      0 :::8080                 :::*                    LISTEN      4093/uhttpd
udp        0      0 10.10.1.255:137         0.0.0.0:*                           14704/nmbd
udp        0      0 10.10.1.240:137         0.0.0.0:*                           14704/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           14704/nmbd
udp        0      0 10.10.1.255:138         0.0.0.0:*                           14704/nmbd
udp        0      0 10.10.1.240:138         0.0.0.0:*                           14704/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*                           14704/nmbd
udp        0      0 0.0.0.0:41641           0.0.0.0:*                           7584/tailscaled
udp        0      0 127.0.0.1:53            0.0.0.0:*                           9641/AdGuardHome
udp        0      0 0.0.0.0:67              0.0.0.0:*                           9641/AdGuardHome
udp        0      0 :::41641                :::*                                7584/tailscaled
udp        0      0 :::53                   :::*                                9641/AdGuardHome

I wouldn’t expect port 137 and 138 here since the config has option disable_netbios '1'.

What am I missing out on?

I’m running firmware version 4.8.2 on a model known as GL Technologies, Inc. AXT1800.

With warm regards - Will

I also tried manually samba4.@samba[0].disable_netbios='1' and manually remove the comment about disable netbios in samba configuration,

cat /etc/samba/smb.conf.template | grep "disable netbios"
        disable netbios = yes

cat /etc/samba/smb.conf | grep "disable netbios"
        disable netbios = yes

None of the above configurations can disable netbios.

But when I try to comment out the netbios daemon in start script of samba4, I found the netbios is disabled, no 137 and 138 ports listening, and without affecting samba.

root@GL-AX1800:~# netstat -tunl | grep 137
root@GL-AX1800:~# netstat -tunl | grep 138
root@GL-AX1800:~# netstat -tunl | grep 445
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp        0      0 :::445                  :::*                    LISTEN

image990×546 29.6 KB

You can have a try.