Samba: remote Win XP and Mac OS X machines can no longer mount shares

Looks like a networking issue more than a samba issue... as samba is probably not involved in deciding to ACK a specific SYN packet or not. One difference between your Windows XP and your Linux hosts is the IP address (192.168.1.64 in one case, 128.83.133.100 in the other): are both of those networks routable from 216.110.51.120 ? If yes, could you place a Linux system in that 192.168.1.0/24 network and reproduce the trace ?

AFAICT it looks like the Lucid server TCP queue considers the 192.168.1.64 packet a martian and just discards it. Anything in your kernel logs ? Do other TCP-based services on that Lucid host succeed in talking with the Windows XP host ?

Thierry, as usual, thanks for your rapid response/attention to these issues.

Good suggestion; I will try using a linux machine to connect from 192.168.1.x, which is my home network. First, let me point out that Win XP and Mac OS X machines on various networks have been unable to connect to the Samba server -- I only tested linux from one location, but will try your suggestion this weekend.

128.83.133.100 is routable from 216.110.51.120, but 192.168.1.64 is not, as this is a private network using NAT. The external address for 192.168.1.64 is 99.91.6.24, and this is routable from 216.110.51.120. Using an ssh proxy on the firewall for the Samba server (i.e. using iptables to route port 2222 on the firewall to port 22 on the samba server), I can ssh from the Win XP machine directly to the Samba server, and using a windows SSH FS tool called ExpanDrive, can map and use drives over ssh; i.e. other TCP/IP protocols do work from the (firewalled) 192.168.1.64 Windows desktop to the (firewalled) Samba server.

Re: server logs:
The only thing in the server logs regarding 99.91.6.24 are the ssh connections:
root@data:/var/log# rgrep '99.91.6.24' *
auth.log:Mar 3 21:07:10 data sshd[26848]: Accepted password for pgoetz from 99.91.6.24 port 1085 ssh2
auth.log:Mar 3 21:21:51 data sshd[26920]: Accepted password for pgoetz from 99.91.6.24 port 1118 ssh2
(etc. -- several ssh connections listed)

Note that the new Samba server keeps track of all connection attempts (mostly unfriendly probes) and creates individual log files for them:
  log.__ffff_82.64.100.254 (attempted hack)
  log.ea103 (legitimate internal desktop)
  log.lizard (linux desktop used for testing)
  (etc.)

Log files exist even for failed connection attempts, but none exists for 99.91.6.24.

"could you place a Linux system in that 192.168.1.0/24 network and reproduce the trace?"

Good call, Thierry! I was certain that the linux machine would be able to connect from 192.168.1.0/24, but was shocked to discover that it doesn't. A trace of the packets shows the same lack of response from the SMB server. This lead to a few more tests indicating that the problem must be that the ISP is blocking incoming port 445 traffic.

Normally I would have suspected this, but in this case I have Windows XP users on another subnet for which this was working right up until the day of the system upgrade, and didn't work subsequently. Since (presumably) nothing changed on their end during this 3-day period; i.e. no new ISP, no new firewall, same Windows XP machines, I assumed the problem must be with the server. Since I've subsequently been able to mount shares from a Windows XP machine on a different subnet, this can't be the problem. I still don't have an explanation for why the TCP SMB connection was working for the actual Win XP users prior to the upgrade from Debian to Lucid, but not after.

Please mark this bug as "Invalid" with my humble apologies!! I plan not to be fooled by this trick again.

Marking invalid as requested by the bug reporter.