request for help with networking sorcery (a bit long)
let's see if i can explain this in a way that makes sense and doesn't make me sound silly
i want to set up network file access for my home's local network, so i can access files from various devices without having to manually copy them over. every potential client i have is perfectly fine with SMB 3.0... except for one (a playstation 2 with some homebrew software), which only accepts SMB 1.0 for whatever reason. i don't want to enable a deprecated file sharing protocol for the entire network, so i'd like to limit it to as close to the troublesome client as i can.
is it possible to set up some kind of "relay," like in the diagram, that presents a network share or a subset of it to the ps2 via SMB 1.0 while the rest of the network can use newer protocols?
re: request for help with networking sorcery (a bit long)
for a bit of extra explanation, i'm leaning toward having a separate machine as opposed to two samba daemons on the same machine because i want to use that in-between machine for a couple of other things at the same time, not just as a relay here
re: request for help with networking sorcery (a bit long)
@typhlosion the easiest way I can imagine would be to have a device, which is on two networks, that mounts the SMB3 share over your main network, and then provides that to its own samba server for the PS2 to use on the other network
re: request for help with networking sorcery (a bit long)
@Gulfie that's what i was thinking, yeah. probably the main network over wifi and then it's just plugged straight into the ps2 with an ethernet cable... well, maybe that would make it harder to connect the ps2 to the wider internet for online functionality... hmm.
re: request for help with networking sorcery (a bit long)
@typhlosion maybe you could firewall the SMB1 server's network card to only talk to the PS2's IP and then have everything on the same network but idk how bad the SMB1 protocol's security holes are it might still be bad
re: request for help with networking sorcery (a bit long)
@typhlosion I don't know (I haven't touched SMB in like two decades) but I think it's a very interesting question!
if read-only access is enough you might be able to run two separate Samba servers with different configurations but serving the same directories on the same machine. you'd need them to either listen on different ports or different IP addresses, but in a home network it's not too hard to assign as many addresses as you want to the same network interface. then you can apply different firewall or ACL rules to each.
also have you already checked whether Samba has config options for allowing different protocol versions on different listening sockets? some server software supports that kind of thing but as I say I haven't looked at Samba in a long time. if that's an option then I'd expect even read-write access ought to work fine.
finally there's the somewhat brute-force approach of faking a "proxy" like you want by mounting the SMB share on another machine and running a separate copy of Samba there. I'm skeptical whether that's any better than running two copies on the same machine though.
re: request for help with networking sorcery (a bit long)
@jamey this answer is delightfully thorough and has given me a lot to go off and research, thank you very much
re: request for help with networking sorcery (a bit long)
@typhlosion if you're using samba, you could run a second smbd
instance on a different port that has SMB1 enabled and has very restricted access controls.
otherwise, I have no idea if a transparent SMB relay exists, but you could always just have a different machine mount the PS2 share with e.g. Linux's CIFS support, and then run its own smbd
that exports that as a share :p
re: request for help with networking sorcery (a bit long)
@typhlosion btw, if it would help, I have an smb.conf
I set up for my PS2 that ought to still work correctly, and I can share some relevant config settings
re: request for help with networking sorcery (a bit long)
@Skirmisher that would help, thank you!
re: request for help with networking sorcery (a bit long)
@typhlosion here's what I came up with
[global]
# default/irrelevant entries omitted
# enable SMB1
server min protocol = NT1
# enable NTv1 encrypted password support
ntlm auth = ntlmv1-permitted
# restrict clients - can be set global and/or per-share
# accepts several forms of host specs, see smb.conf(5)
hosts allow = 192.168.
[PS2]
path = /home/skirmisher/stuff/PS2
comment = Open PS2 Loader
# arbitrary user, use smbpasswd(8) to create & set pass
valid users = opl
# never try to set owner or ACLs
inherit owner = Yes
inherit acls = Yes
# unfortunately necessary last I checked
writeable = Yes
# client assumes role of (UNIX) owner of files, to simplify permission checks
# might make "inherit owner" redundant, but eh
force user = skirmisher
re: request for help with networking sorcery (a bit long)
disclaimer that this is a High-Growth Area for me, i.e. i have absolutely no idea what i'm doing and am trying my best to learn as i go