Results 1 to 15 of 15
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Annandale, VA
    Posts
    10
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Win8.1 PC can't see Linux PC on same network

    I have a PC running Ubuntu 14.04 with Samba installed and my home directory (/home/michael) shared as 'michael'. On the same network I have a Windows PC running WIN8.1 (updated). I can ping the Linux PC from the Windows PC and McAfee running on the Windows PC shows the Linux PC in its network (but claims it is offline). However, when I go to the Network section of File Explorer on the Windows PC I cannot see the Linux PC or the shared directory.

    I am sure that I should be able to see each device from the other, but I can't!

    The Linux PC can see (using nmap) the router, itself, the printer and 3 other devices (not the Windows PC). I don't know what these are. One says "PORT State Service and has telnet and btx ports open. The other 2 devices say all 1000 ports are closed.

    The Windows PC (file explorer) can see itself, the router and the printer. It cannot see the Linux PC or any of the 3 other devices that the Linux PC can see.

    I have scoured the web and tried many things but I can't even get as far as trying to get the Windows PC to log into the Samba share on the Linux PC - it can't even see the Linux PC.

    Your help and suggestions would be much appreciated.

    Michael Barraclough

  2. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,433
    Thanks
    371
    Thanked 1,456 Times in 1,325 Posts
    Michael,

    Windows does not have drivers for the Linux file system (Ext, Ext2, etc.).

    You may be able to find drivers for windows if your google it. HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    Annandale, VA
    Posts
    10
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Thank you. Do you know if this is something new in Win8? I have seen plenty of references to Win7 users being able to see the Linux shared drive and there is no reference to drivers. Also, I had assumed that Samba/CIFS would take care of this. Is that not the case?

  4. #4
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,433
    Thanks
    371
    Thanked 1,456 Times in 1,325 Posts
    Michael,

    No it is not new. See this Article for some help. HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  5. #5
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,367
    Thanks
    233
    Thanked 147 Times in 136 Posts
    I don't have a solution but I am reasonably sure the file system on the Linux box should'nt make a difference.Also Linux these days may be using EXT4 for which Windows drivers are scarce.
    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    Annandale, VA
    Posts
    10
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Following the advice given above I have implemented a driver on the Windows PC which should give it r/w access to EXT2/3/4 on the Linux PC. I still can't see the Linux PC!

  7. #7
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,168
    Thanks
    47
    Thanked 978 Times in 908 Posts
    You should not need a driver to see the Linux disk, the Linux PC does that for you and presents the data to requesting clients.
    I suspect you have a Firewall / AV issue that prevents the Windows PC seeing the network. To confirm this turn off the firewall / AV and test.

    cheers, Paul

  8. #8
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,367
    Thanks
    233
    Thanked 147 Times in 136 Posts
    Also Linux these days may be using EXT4 for which Windows drivers are scarce.
    My bad after reading the article I see there are drivers for EXT4 available. I am sorry if I misled anyone. I have bookmarked the sites.


    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  9. #9
    Star Lounger
    Join Date
    May 2010
    Posts
    57
    Thanks
    1
    Thanked 12 Times in 9 Posts
    Michael,

    Quote Originally Posted by barraclm View Post
    I have a PC running Ubuntu 14.04 with Samba installed and my home directory (/home/michael) shared as 'michael'. On the same network I have a Windows PC running WIN8.1 (updated). I can ping the Linux PC from the Windows PC and McAfee running on the Windows PC shows the Linux PC in its network (but claims it is offline). However, when I go to the Network section of File Explorer on the Windows PC I cannot see the Linux PC or the shared directory.
    You didn't mention if you were running Ubuntu 14.04 Desktop or Server edition so I'm assuming it's the Desktop edition with Ubuntu's "Unity" interface.

    The first step is to see if Samba is running and accepting any kind of connection...

    1. Open a terminal window.
    2. Run the following command (part of Samba's client utilities):

      smbclient -L localhost

      (If the smbclient program isn't available, run the command "sudo apt-get install smbclient" in the terminal window to install it.)

    3. You'll likely be prompted for a password, but just hitting [Enter] should be fine.

    If it all goes as expected, you should see output like the following (instead of "LINUX-PC", it will be the name you gave your computer):

    Enter michael's password:
    Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]

    Sharename Type Comment
    --------- ---- -------
    IPC$ IPC IPC Service (linux-pc server (Samba, Ubuntu))
    print$ Disk Printer Drivers
    HP-LaserJet Printer HP LaserJet
    Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]

    Server Comment
    --------- -------
    LINUXPC linux-pc server (Samba, Ubuntu)

    Workgroup Master
    --------- -------
    WORKGROUP LINUX-PC

    Next, test connecting to the network share...

    1. Run the following command:

      smbclient '\\localhost\michael'

    2. If you set a password for the network share, enter it when prompted.

      (The password is not necessarily the same as your login password for Ubuntu. Windows uses a different cipher than Linux. Because the passwords are encrypted using a one-way hash, Samba needs to store the encrypted passwords in its own database.)

    If successful, you should see something like this:

    Enter michael's password:
    Domain=[LINUX-PC] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]
    smb: \>

    The program smbclient works like a command-line FTP client (type "help" or "?" for a list of commands). Type "ls" to see if it shows the contents of your home directory.

    I am sure that I should be able to see each device from the other, but I can't!

    The Linux PC can see (using nmap) the router, itself, the printer and 3 other devices (not the Windows PC). I don't know what these are. One says "PORT State Service and has telnet and btx ports open. The other 2 devices say all 1000 ports are closed.
    The telnet and btx ports might be from your router or even the printer if it has both wired and wireless interfaces.

    Part of the reason that the Linux and Windows PCs aren't able to easily see each other is because Windows (since XP SP2) has a firewall enabled by default. In Windows Vista and higher, even ICMP Echo (aka. Ping) packets are ignored by default. A quick scan using Nmap only tests each IP address with a ping. If there's no response, it's assumed that nothing is there. But even a deep scan targeting a specific IP address might not reveal much depending on the firewall settings.

    Linux distributions include a built-in firewall (Netfilter + iptables), but not every distribution enables it by default. RHEL/CentOS/Fedora does, but Ubuntu and many of the Ubuntu-based distributions often do not.

    In Linux, to quickly see if there are any firewall rules, run the command:

    sudo iptables-save

    (The command "iptables -L" can also be used, but the raw output can be harder to read, while nicely formatted "iptables-save" output can be imported by "iptables-restore".)

    Ubuntu also includes a custom utility called "ufw" to manage the firewall rules. A few examples:

    ufw status
    ufw disable
    ufw enable

    The Windows PC (file explorer) can see itself, the router and the printer. It cannot see the Linux PC or any of the 3 other devices that the Linux PC can see.
    Windows Explorer's network browsing only scans for network shares so it's not able to compete with Nmap. Once we know that your Linux PC can see its own network shares, the next step is to test the connection from Windows:

    1. Open a command prompt.
    2. Run the command:

      net use u: \\ip-address-of-linux-pc\michael

      (Windows assumes that the current username and password are the same as the one on the remote computer. If your Windows login name is not "michael" (case-sensitive), then you'll need to change the command to:

      net use u: \\ip-address-of-linux-pc\michael /user:michael

    3. When prompted, enter the Samba password you set up on the Linux PC.

    If successful, the command will return a "Command completed successfully" reply and you'll be able to browse the contents of your home directory on the Linux PC via the "u:" drive in Windows.

    I have scoured the web and tried many things but I can't even get as far as trying to get the Windows PC to log into the Samba share on the Linux PC - it can't even see the Linux PC.

    Your help and suggestions would be much appreciated.

    Michael Barraclough
    So, when troubleshooting network file/printer sharing, a few tips:

    1. As Paul T also recommended, rule out any firewalls. On a private network, it might be helpful to temporarily turn off any firewalls to keep things simpler. On Windows PCs, the built-in firewall might be replaced by a third party firewall (e.g. McAfee, Norton, ZoneAlarm), making things even more complicated.
    2. Inside a home network, there's really no benefit to blocking ICMP Echo (Ping) packets. It makes debugging network connections a lot easier if all of the devices can be pinged. Most home users are using NAT so the rest of the Internet isn't going to be able to ping the computers behind the router anyhow so there's no need to hide the home devices from each other. In Linux, ping is usually not blocked by default. For Windows, Google "Windows 8.1 ICMP Echo" for detailed instructions.
    3. Avoid using the graphical tools for troubleshooting because they often hide valuable debugging info. For example, the command-line tool "net" in Windows is a lot more helpful with finding out if the problem is the network connection, the share name, the username or password, while Windows Explorer often spits out the same error message for all of the above.


    Just to follow-up on the earlier posts, an EXT 2/3/4 driver for Windows isn't needed unless you'll be plugging in some hard drives or flash drives into your Windows PC. Samba on Linux provides a SMB/CIFS server, which Windows already supports.

    Chung

  10. The Following 3 Users Say Thank You to gadget For This Useful Post:

    barraclm (2014-10-11),riffraff (2014-10-16),wavy (2014-10-10)

  11. #10
    New Lounger
    Join Date
    Dec 2009
    Location
    Annandale, VA
    Posts
    10
    Thanks
    2
    Thanked 0 Times in 0 Posts
    I don't just want to say Thank You to Gadget - I want to say THANK YOU, THANK YOU, THANK YOU


    This post was fabulous.

    LINUX PC
    ======
    smbclient -L localhost showed that I did have a share set up, and
    smbclient '\\localhost\michael' showed that I could connect to it
    sudo iptables-save showed that I did have rules (and that my recent attempt to remove some had failed, or only worked for that session)
    (sudo) ufw status (I needed sudo) showed that I was not accepting requests, and
    (sudo) ufw disable (I needed sudo) killed the firewall (which I had never enabled, that must have happened on installation)
    WINDOWS PC
    =========
    net use u: \\ip-address-of-linux-pc\michael then connected and I was able to see my files on the Linux PC.

    This state remained after both PCs were rebooted and I was able to read and write to a file on the Linux PC using software on the Windows PC.

    I can't thank Gadget enough for this clear, concise and practical guidance.

    All I need now is guidance on how to close the firewall on Linux so that it is open to requests from 'michael', but not from anyone else.

    Michael Barraclough

  12. #11
    Star Lounger
    Join Date
    May 2010
    Posts
    57
    Thanks
    1
    Thanked 12 Times in 9 Posts
    Quote Originally Posted by barraclm View Post
    I don't just want to say Thank You to Gadget - I want to say THANK YOU, THANK YOU, THANK YOU
    You're welcome.

    Quote Originally Posted by barraclm View Post
    This post was fabulous.

    LINUX PC
    ======
    smbclient -L localhost showed that I did have a share set up, and
    smbclient '\\localhost\michael' showed that I could connect to it
    sudo iptables-save showed that I did have rules (and that my recent attempt to remove some had failed, or only worked for that session)
    (sudo) ufw status (I needed sudo) showed that I was not accepting requests, and
    (sudo) ufw disable (I needed sudo) killed the firewall (which I had never enabled, that must have happened on installation)
    Yes, I checked one of my Ubuntu 14.04 installs, and unlike previous versions of Ubuntu, a default set of firewall rules is included during installation. Interestingly, this is only true for the desktop installs; in Ubuntu Server 14.40 the firewall is disabled by default.

    Quote Originally Posted by barraclm View Post
    WINDOWS PC
    =========
    net use u: \\ip-address-of-linux-pc\michael then connected and I was able to see my files on the Linux PC.

    This state remained after both PCs were rebooted and I was able to read and write to a file on the Linux PC using software on the Windows PC.
    Windows records the details for network shares in the Windows registry so that the connections can be re-established between reboots. There's a parameter "/persistent" that defaults to "yes". If it had been "no", the connection would only last as long as the current login session:

    net use u: \\192.168.1.10\michael /persistent:no

    Quote Originally Posted by barraclm View Post
    I can't thank Gadget enough for this clear, concise and practical guidance.

    All I need now is guidance on how to close the firewall on Linux so that it is open to requests from 'michael', but not from anyone else.

    Michael Barraclough
    At this rate, you might soon end up knowing more about Linux than Windows.


    Chances are that your router is already providing a firewall shielding your home network from the rest of the Internet, so enabling the firewall on the Linux PC isn't absolutely necessary, but it doesn't hurt either. If you're curious about what others outside your network can see, run a remote scan using Steve Gibson's (a well respected security researcher and software developer) Shields Up scanner:



    Assuming that your Ubuntu Linux PC has the default set of firewall rules, here's a quick primer on configuring the firewall...

    (Prefix each command below with "sudo", or to save some typing, do "sudo -i" to switch to an interactive root shell -- just watch out for typos. )

    See if there are any custom rules defined. Dump a numbered list:

    ufw status numbered

    If it just shows "Status: active", it will make it a lot easier to add your own rules. Here's a very basic template for inserting a rule:

    ufw insert 123 allow proto tcp from 192.168.1.10 to any port 12345

    In the template above, translated to non-geek speak...

    Insert as rule #123, allowing TCP traffic from the network host with IP address 192.168.1.10 to connect to any network interface listening on port 12345.

    The parts highlighted in bold text need to be customized to suit the particular need. Keep in mind that we're making a lot of assumptions here so that's why we're ignoring the choice of "tcp" or "udp", using "to any", etc.

    The first highlighted number, 123, is the line number in the list of rules. So, if there are already two rules defined, you can insert a new rule between them by specifying "insert 2". This would push the existing rule 2 down to rule 3.

    Before...

    Code:
    Status: active
    
         To                         Action      From
         --                         ------      ----
    [ 1] 12345/tcp                  ALLOW IN    192.168.1.9
    [ 2] 12345/tcp                  ALLOW IN    192.168.1.11
    After "ufw insert 2 allow proto tcp from 192.168.1.10 to any port 12345"...

    Code:
    Status: active
    
         To                         Action      From
         --                         ------      ----
    [ 1] 12345/tcp                  ALLOW IN    192.168.1.9
    [ 2] 12345/tcp                  ALLOW IN    192.168.1.10
    [ 3] 12345/tcp                  ALLOW IN    192.168.1.11
    If you don't include a line number, it's assumed that the new rule is to be added to the bottom of the list.

    To delete a rule, use the delete command plus the line number:

    ufw delete 2

    The second highlighted number, 192.168.1.10, is the IP address pattern you want to match against. It can be a single IP address or it can be a range. For home users, probably the two most common ones are to allow a single IP address...

    192.168.1.10

    Or the entire home network...

    192.168.1.0/24

    The "/24" masks the first 3 octets (3 octets x 8 bits = 24 bits). Every computer on the local network is assumed to have the same prefix "192.168.1" followed by a unique host number from 1 to 254 (0 and 255 are reserved, while 1 is typically the network gateway/router).

    (In the examples I'm using the "Class C" range, 192.168.0.0 to 192.168.255.255, because it seems to be the default for most consumer routers.)

    The third highlighted number, 12345, is the network port. In Linux, the text file located at /etc/services contains a list of the assigned network ports for various services. You can also find similar lists on Wikipedia or Google for the appropriate port number(s) to use.

    For a simple configuration, the order of the rules generally isn't important. If you add more rules for additional services and/or want a more complicated mix, then the order becomes more important. Rules are processed in order of appearance. Here's a quick example:

    Code:
    Status: active
    
         To                         Action      From
         --                         ------      ----
    [ 1] 5900/tcp                  ALLOW IN    192.168.1.9
    [ 2] 5900/tcp                  ALLOW IN    192.168.1.0/24
    In the example above, rule #1 is overridden by rule #2 because the range covers every host number from 1 to 255.

    So, in a nutshell, to re-enable the firewall in Ubuntu with custom rules to allow SMB/CIFS network traffic through (substituting in the appropriate IP address assigned to your Windows PC):

    First, turn the firewall back on...

    ufw enable

    Then add two custom rules to open up TCP ports 139 and 445 used by Microsoft's SMB/CIFS protocol...

    ufw insert allow proto tcp from 192.168.1.10 to any port 139
    ufw insert allow proto tcp from 192.168.1.10 to any port 445

    The changes are effective immediately. If there are no errors, you'll see the new rules with "ufw status" and you'll still be able to access the network share from your Windows PC.

    If you want to allow all computers within your local network, specify a range like this:

    ufw insert allow proto tcp from 192.168.1.0/24 to any port 139
    ufw insert allow proto tcp from 192.168.1.0/24 to any port 445

    Depending on the features needed and how old the connecting clients are, you might also need to open up TCP ports 137 and 138 ("grep -i netbios /etc/services" for a complete list).

    There are also all kinds of configuration options for Samba that can help with additional security, but given that the manual just for the "smb.conf" file is more than 141 pages, everyone reading this might doze off before we got through it.

    Chung
    Last edited by gadget; 2014-10-14 at 13:32.

  13. #12
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,367
    Thanks
    233
    Thanked 147 Times in 136 Posts
    Gadget
    Dumb question are linux firewall rules processed sequentially? If I remember correctly w/ a cisco router if a rule is encountered that calls for an action on a packet either allow or block that action is performed and no further processing of rules is done for that package. When I boot up a linux box I will try some of the commands to try to understand what I have been content to ignore. Thanks again for all the good info.
    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  14. #13
    Star Lounger
    Join Date
    May 2010
    Posts
    57
    Thanks
    1
    Thanked 12 Times in 9 Posts
    Quote Originally Posted by wavy View Post
    Gadget
    Dumb question are linux firewall rules processed sequentially? If I remember correctly w/ a cisco router if a rule is encountered that calls for an action on a packet either allow or block that action is performed and no further processing of rules is done for that package. When I boot up a linux box I will try some of the commands to try to understand what I have been content to ignore. Thanks again for all the good info.
    Hi wavy,

    Thanks for catching my mistake!

    Yes, you're right. In the example I gave, the deny rule would have stopped the processing (I was thinking about the flow through chains at the time). That's what I get for editing and re-editing trying to spot mistakes only to miss the proverbial "forest for the trees".

    I had a elementary school teacher that liked to say that there's no such thing as a dumb question -- except for the ones that you don't ask.

  15. #14
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,367
    Thanks
    233
    Thanked 147 Times in 136 Posts
    Glad to be of help.
    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  16. #15
    Star Lounger
    Join Date
    Apr 2011
    Posts
    99
    Thanks
    5
    Thanked 18 Times in 17 Posts
    Chung,
    Add another THANKS for this excellent post.
    And a big WELCOME to the lounge. We need people of your knowledge and writing ability.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •