On Tue, Apr 17, 2001 at 13:00 +0200, Markus Gaugusch wrote:
you can configure samba to listen only on the internal interface.
Oh? How so?
if i am not mistaken, there is a setting in smb.conf to do so:
hosts allow = x.x.x.x/x
This has nothing to do with configuring samba to listen on internal interfaces only. This just limits which hosts can connect. Man smb.conf gives a very large but useful collection of information: in smb.conf put interfaces = your.internal.ip.no/your.internal.net.mask (e.g. 192.168.1.1/255.255.255.0 or 192.168.1.1/24) bind interfaces only this will cause smbd to listen only on your internal interface. Nmbd will bind on your internal interface and 0.0.0.0 (to listen for broadcasts), but will only serve requests from the same broadcast domain as your internal interface. Further you only need to allow FW_SERVICES_INTERNAL_TCP = 139 and FW_SERVICES_INTERNAL_UDP = 137:138, you don't need to use FW_SERVICE_SAMBA
in the same format as the "interfaces" setting, however, in this case, it is restricting what hosts are allowed to connect to it. with this, one should be able to restrict connections to those originating from systems in one's local network, if so desired.
hth Stefan