DSM-G600, DNS-3xx and NSA-220 Hack Forum

Thanks!

Is it normal for it to be taking up so many resources? I don't have anything reading it when it was running at 86%

I did that, but again, it goes back up after a little while.

Not sure what's accessing it. Are there any commands to determine who is connected?

--EDIT--

Was monitoring the processes and even if i kill the smbd process, it comes back after 5-10 seconds running at 80-100%...

Any help would be great!

Last edited by mushisushi (2009-11-12 00:45:58)

Alright, fixed my ssh but I'm still having issues. I've rebooted the box, reset
the settings and turned off transmission but samba is still running at 70+%.

Anyone have any ideas?

- Have a look at your logfiles. /var/log/messages, /var/log/samba/*, ...
- netstat -a can show you if someting in your LAN is using samba.
- lsof | grep smbd (as root) can show you which files are opened by samba (including the used executable and libraryfiles).
- cd /tmp ; df . can tell you if the tmp directory is full, which can have strange side effects.

It looks to me something is seriously wrong with your system. netstat -a *should* give output, but I don't know what could be able to prevent that.
lsof | grep smbd >> /mnt/HD_a2/lsof.txt should indeed dump it to a file. You can also use lsof | grep smbd | less to be able to scroll up and down.

mushisushi wrote:

smbd      3082 nobody   21u     IPv4      50000                 TCP Buta:445->192.168.0.193:49159 (ESTABLISHED)

So 192.168.0.193 has a connection with samba. Maybe an auto-networkconnection on the box which you use to collect this data?

Is there some way for me to restore everything back to the way it was out of the box?

Yes. Rename or delete fun_plug, reboot the box. Then you can delete /ffp (but it's not necessary, ffp without fun_plug is just data). Then use the 'Reset to factory defaults' in tab Tools in the webinterface, or press the reset button for 15 seconds and reboot.

Network virus?

Just download a Linux LiveCD, and boot your box from it. Then you can exclude W7.

Maybe this one?

Mijzelf wrote:

Maybe this one?

The thread is addressing issues with accessing samba servers, which I don't have, but I did give it a try and that didn't do anything.

KyleK wrote:

Maybe Windows is indexing whatever files you have laying on the NAS? (Media files, for example, if you added folders on the NAS to Windows Media Centers library).

Check in Windows if the SearchIndexer is running while smbd is showing high CPU usage.

WindowsSearch services, WMP library search, and offline files were all disabled, with no luck.


Thanks for your help guys, I really appreciate this.

Anyways, found out that it is using a random port each time. I've used tcpdump to get some information about it, but not sure how to read it.

Last edited by mushisushi (2009-12-05 22:47:09)

Problem NOT Solved!

Turns out I disabled the 'Client for Microsoft Networks' which in turn turned off the microsoft-ds service so it stopped pinging the SAN drive.

At least I have isolated the problem to how windows 7 is accessing the SAN

Last edited by mushisushi (2009-12-08 08:26:36)

mushisushi wrote:

Alright, found the problem! finally!

So the problem boils down to the shared printer. I have a Brother HL-1435 laser printer attached to the DNS323. When I add the device to my windows 7 machine, immediately the network meter spikes and the DNS323 locks up (80% cpu on smbd).

Anyone having issues with Windows 7 and printer sharing with the DNS 323?

I'm having the exact same problem with Windows 7 64-bit Ultimate. I noticed the network activity LED flashing rapidly on the DNS-323. It was also coinciding with COMODO firewall having both green and red lines constantly on. I checked COMODO and it showed the System process connecting to my DNS-323 IP address, and transferring ~1 GB of data back and forth.

I decided to check the processes on the DNS-323. The SMBD process was between 70-80%. At the time, I had recently connected my Brother HL-1450 to the DNS-323 but didn't notice the lights.

The second I removed the printer from Windows 7, the flashing stopped and the smbd process went to 0. When add the printer, the flashing comes back.

For information, I was using the Vista x64 driver for my printer because they didn't have a Windows 7 x64 driver. I didn't have any problems printing using this driver through the DNS-323 though. It's just the constant flashing and the data transfer between the DNS-323 and my Windows 7 machine that's troublesome.

Were you able to fix your issue eventually? Has anyone else encountered this?

I heard that there is a newer version of Samba (http://dns323.kood.org/forum/viewtopic.php?id=5441) that fixes issues with Windows 7 x64. I wonder if that's worth trying.

Last edited by dashrendar (2010-03-24 17:53:58)