Hello, For Samba, you can restrict what interface it binds itself to using either interfaces = 192.168.1.1/24 or hosts allow = 192.168.1. See man smb.conf for more detailed explanation. Also, more then likely the untrusted hosts will still need DNS. Although I haven't used SuSEFirewall, you probably just need to put something in the susefirewall custom rules file. Bill Miller jrmiller@cbnlottery.com beer@freakmail.de wrote:
Hi
I run Suse 9.2 x86_64 and have to reconfigure my firewall, because I want to have an additional internal network for 'unknown' people to get internet access. I have - one external if dsl0 - one internal (eth1), which is trusted and needs services such as samba, dns, dhcp... from the server - one internal (eth2), which should _only_ have internet access and dhcp(these 2 things work)
one could firewall against the internal network and open the needed ports, but then the untrusted internal net also gets samba and other services which it should not get access to.
so whats the best way to configure the Susefirewall2?
thanks for answers vb