Samba Announcement

[Dang]

Would anyone know how to stop samba from announcing itself on the network (short of stopping the samba services) or doing a election request?  I've tried various things in the Global section of the smb.conf file (e.g. "lm announce = no" and "lm interval = 0").
The problem is, I think it is the culprit that keeps waking up my verizon broadband modem - which is connect to a cradlepoint router.  I tried, blocking all internet access from the machine, but it still seems to get through and wake up the modem.

[muungwana]

how will other machines see the shares if they arent broadcasted?

you can make up iptable rules and block all samba traffic from leaving your computer

[Dang]

I have two other machine on the home network, I know it's there and just call for the shares (which is all it's doing).  I don't know much about iptables and where to even set that up, if block all samba traffic, won't prevent my shares from being mounted on the other two machines?

[muungwana]

first solution will be to make samba stop broadcasting their presence. Second solution is to have your network block samba traffic to the broadcasting address from leaving.

a little bit of googling and samba seem to broadcast using port number 137 and 138 and you can block traffic from these ports with these two commands

iptables -I OUTPUT  -p udp --sport 138 -j DROP
iptables -I OUTPUT  -p udp --sport 137 -j DROP

make sure you have iptables installed and running.

you can start/stop services by going to pcc-> systems-> manage system services. Those commands will not survive reboots and we will discuss saving them if you decide to take this option

[Dang]

Thanks muungwana!
That seemed to work.  I did have something wake it up after 11 hours (not too bad).  Would know if the Samba packet's destination would also be to 137 & 138 ports?  If so I could supposedly  block that on the router.

[muungwana]

  Would know if the Samba packet's destination would also be to 137 & 138 ports?  If so I could supposedly  block that on the router.

i didnt get what you mean here

if you want those two rules to survive reboots, run the following command as root

"services iptables save"

[Dang]

Well what I meant is that, in my router I can block packets that are going outside to the WAN whose destination is a specified (by me) a port # on a range of IP address. 
Is, for example, port 138 on my host sending out to port 137 listening on another host (or visa versa)?  If so I could maybe block the packets going out to those ports. My thought  was that if that aspect of the router worked, I wouldn't need the iptables restriction, and make the host visible on my network again.  However, I guess it really doesn't matter.  It seems to be working the way  I'd like.  Even though I can't see the server on the network, my other machines can still map the drive it is serving out.  Plus, the modem is sleeping thru most of the night now.  Just wish my 1 1/2 year old would.
Thanks much for your info and the time you did researching it.