On 11/04/2012 04:01 AM, Otto Rodusek wrote:
Hi ListMates,
Would anyone know if it's possible to create firewall rules to allow only certain IP address to enter my Linux Server (Opensuse 12.2 x86_64) running samba (3.6.7-48.12.1.x86_64) from outside so that I can map samba shares from remote locations (windows XP). For example, I would like to ONLY allow ip address 94.90.115.82 (ports tcp 139 & 445) and drop all other ip address trying to access those ports. Actually, I have 3 remote locations so there would actually be 3 different ip addresses to define. Thanks for any help. Best regards.
Hi Otto, Being "able" to do this is one thing, but the question "should" you do it is another. Microsoft networking (SMB) was designed for use on local subnets, and barely worked there. I've heard that SMB doesn't do well with long round-trip packet times, maybe other protocols like webdav might be a better choice? Security is another potential problem. Limiting access to specified IP address would certainly help, but AFAIK the traffic itself isn't encrypted. Setting up a VPN, which does encrypt traffic, would be a much safer choice. Regards, Lew -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org