[Openwrt Project Development Notes]: Samba Service & vsftp Service (4)

In the previous section, we talked about how to mount a USB flash disk to a vro and how to improve the storage and data processing capabilities of the vro by modifying the USB flash disk. By adding USB mounting, the smart home construction will be guaranteed in the future.

In this section, I will briefly introduce how to create a network file sharing service on a vro.

I. Why should I create a file sharing service:

Security is an important requirement in smart home networks. After a smart home solution is deployed, users often consider security issues first. So how to perform security management? A common solution is to monitor the status of sensors and appliances in real time. In case of exceptions, users are notified by email, SMS, or even by phone. When a user receives an exception, it is often necessary to identify the problem. In this case, the file sharing service is used.

In addition, after downloading BT offline through the vro, you cannot play audio and video files directly on the vro. You need to access these files through PCs, mobile phones, tablets, and other devices. At this time, the vro also needs to provide the file sharing service.

2. What is network file sharing service?

Before learning how to build a network file sharing service, we need to know what network file sharing is. The "network file sharing service" mentioned in this Article refers to a series of services that provide access, modification, addition, and deletion operations for files distributed on different network hosts. In terms of functions, we can simply divide these services into two parts: File Access Service and file transfer service.

1. File Transfer Service

The file transfer service is based on the file transfer protocol. Some people may be unfamiliar with the title of this article, but I believe everyone has heard of it in short as the FTP (file transfer protocol ). This protocol is used to control two-way file transmission over the Internet.

Advantages: secure and reliable.

Disadvantage: authentication is required for uploading and downloading each file, which is inefficient.

2. File Access Service

To be accurate, it should be called the network file access service. This service is mainly used to access and read files on a host on different hosts in the network. Common network file access services include NFS and samba.

(1) NFS (Network File System)

NFS is a protocol used for distributed file systems. The function is to allow different machines and operating systems to share individual data through the network, so that applications can access data on server disks through the network on the client, it is a way to share disk files between Unix-like systems.

　　

(Picture taken from NFS in laruence's Linux private house dish)

NFS is an independent system that allows you to access and process NFS. You must use the Remote Procedure Call (RPC) operation provided by the NFS system.

Advantage: centralized data storage greatly saves local storage resources. It is equivalent to a network neighbor in Linux.

Disadvantage: poor security. Only Linux is supported, and poor scalability.

(2) samba

The introduction on Baidu encyclopedia is extremely streamlined: Samba is a free software for implementing SMB on Linux and Unix systems, which consists of servers and client programs.

So what is the "SMB protocol? Server messages Block (SMB) is a communication protocol used to share files and printers on a LAN, it provides sharing services for files, printers, and other resources between different computers in the LAN.

On the samba official website, there are the following descriptions: Since 1992, Samba has provided secure, stable and fast file and print services for all clients using the SMB/CIFS protocol, such as all versions of DOS and Windows, OS/2, Linux and other others.

We can see from the description that samba is similar to NFS in terms of functionality, but it is different from cross-platform nature. Samba supports access to DOS, windows, OS/2, Linux, and other platforms.

　　TIPS: I tried it specially today. It seems that samba cannot be used for access on Android phones that do not have the root permission. If any of you know how to use it, please refer to the reply guide ~

 

3. Differences between samba, FTP, and NFS:

From a cross-platform perspective, both Samba and FTP support cross-platform operations, while NFS does not support windows. From a mount perspective, Samba and NFS can mount remote directories to local directories, transparent to users. however, FTP does not work. Samba and NFS have poor security, and it is best to restrict them to the LAN.
FTP provides an authentication mechanism for both Intranet and Internet. for images, all three support files, but Samba also supports printers and Windows Domain manager.

In terms of performance,
Samba and NFS are better than FTP.

As the control center of Smart Home, a router has the cross-platform and cross-network features. From the above comparison, we can see that using Samba or FTP alone is not enough for our purpose of file service. Therefore, in this project, we build Samba and FTP servers to provide LAN and WAN file sharing services.

 

3. How to Build a Samba server in the openwrt System

When I was building a Samba server, I looked at the http://www.openwrt.org.cn/bbs/forum.php? MoD = viewthread & tid = 4543 & Highlight =

(1) install Samba software and browser support

opkg update
opkg install samba3opkg install luci-app-samba

(2) modify the samba template configuration file (/etc/samba/smb. conf. template)

[Global] NetBIOS name = | Name | workgroup = | workgroup | Server String = | description | syslog = 10 encrypt passwords = true passdb backend = smbpasswd obey Pam restrictions = Yes socket Options = tcp_nodelay # UNIX charset = ISO-8859-1 display charset = UTF-8 # add character set support, allow Chinese UNIX charset = UTF-8 dos charset = UTF-8 preferred master = Yes OS level = 20 Security = user guest accout = nobody
# Invalid users = root # by default, root users are not allowed to access SMB passwd file =/etc/samba/smbpasswd.

　　TIPS: the Samba server itself cannot parse openwrt UCI. To be compatible with openwrt, Samba provides a configuration template that allows you to set simple parameters.

When the Samba server is started, Samba reads/etc/config/samba and/etc/samba/smb. conf. template generates a temporary configuration file/tmp/SMB that can be parsed by Samba. conf, used by the Samba server.　　

Modify the/etc/config/Samba file and add the access permission for the shared folder:

Config 'samba 'option' homes '1' option 'name' openwrt 'option' description 'nas 'option' workgroup' openwrt 'config' sambashare 'option' read _ only ''no' option 'create _ mask' '000000' option 'dir _ mask' '000000' option 'guest _ OK ''yes'
Option 'path'/mnt/sda3' # I have three USB partitions. The third partition is used for Samba, FTP, and transmission offline download directory option 'name' 'root'

(3) create user access for Samba:

Use the following command to create a password for the user accessing the Samba server. We recommend that you create a new password instead of smbpasswd root XXXX # create the samba access password XXXX for the root user. If the password is successfully created, it will be stored in the/etc/samba/smbpasswd file

TIPS: the password created by Samba is stored locally. If you forget the password, you can ask the admin user (Root) to modify the password.

(4) Start the samba Service

/Etc/init. d/samba restart # restart the samba service/etc/init. d/samba enable # enable auto-start upon startup

(5) access through a terminal

In the web browser or file browser address bar, enter:

file://192.168.1.1/

The following result is displayed:

(6) supplement: Configure Samba through Luci

 

4. How to Build a vsftp server in the openwrt System

Compared with the previous complex operations, vsftp installation is quite simple. Reference http://www.wirelesser.net/index.php/tag/openwrt-vsftp/

(1) run the following command to install vsftp:

opkg updateopkg install vsftpd

(2) Configure/etc/vsftpd. conf

Select different configuration files based on whether to allow anonymous logon:

Allow Anonymous:

background=YESlisten=YESchown_uploads=YESchown_username=rootftp_username=nobody#enable anonymous useranonymous_enable=YESanon_upload_enable=YESanon_root=/mnt/anonymousanon_mkdir_write_enable=YESanon_max_rate=512000local_enable=YESwrite_enable=YESlocal_umask=022check_shell=NOlocal_root=/mntchroot_local_user=yesaccept_timeout=60idle_session_timeout=300max_clients=600max_per_ip=5#dirmessage_enable=YESftpd_banner=Welcome to vsFTP service.session_support=NOsyslog_enable=YES

If anonymous access is not allowed:

Authorization =/mnt/sda3/ftpdir # create the corresponding folder ftp_username = root # allowed username root nopriv_user = root background = yes listen = Yes anonymous_enable = No local_enable = Yes write_enable = Yes local_umask = 022 check_shell = No dirmessage_enable = Yes ftpd_banner = welcome to vsftp service. syslog_enable = Yes max_clients = 600 max_per_ip = 5 accept_timeout = 60 # Set connection timeout

(4) Start the vsftpd service

/Etc/init. d/vsftpd restart # restart vsftpd service/etc/init. d/vsftpd enable # enable auto-start upon startup

5. Additional instructions

Generally, the Samba file sharing service is used in a LAN environment, which is safer. We can mount the Samba server to a local file system. Users can use it as a partition of the system, which is simple and convenient.

For the FTP file transfer server, it is recommended to use the anonymous access mechanism to allow users to access and download, and restrict the upload and modification permissions of users, which is more secure.

 

---------------------------------------------------------------

Notice: Next section describes how to install ddns

Reprint please indicate the source: http://www.cnblogs.com/double-win/ thank you!