[TCLUG] Samba bind only to local network

[Dave Sherman]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you are trying to restrict connections to only be allowed from the 
local network, try this in your global section:

#  Networking configuration options
hosts allow = 192.168.1. 192.168.2. localhost
hosts deny = 192.168.1.102 192.168.2.37

It works just like the hosts.allow and hosts.deny files. Notice, to allow 
an entire network, only include the network address and the final dot, but 
not a zero or anything else. If you want to include a range of IPs, you 
can do something like this:

hosts allow = 192.168.1.0/255.255.255.128

which will simply compare the network and machine address against the 
netmask you specify.

Anywho, for more info check 
http://us2.samba.org/samba/docs/man/smb.conf.5.html#HOSTSALLOW

Hope this helps,
Dave

On Saturday 11 August 2001 23:45, thus spake Mike Hicks:

> > "Andy Zbikowski (Zibby)" <zibby+tclug at ringworld.org> wrote:
> > See:
> > http://us2.samba.org/samba/docs/man/smb.conf.5.html#INTERFACES
> > http://us2.samba.org/samba/docs/man/smb.conf.5.html#BINDINTERFACESONLY
>
> Hmm.  That doesn't seem to do quite what I'm looking for, unless I'm
> getting the syntax wrong.
>
> Oh well, like I said, my fallback is to use IP Tables to only allow
> connections from the local network, and not the Internet at large..

- ----------------------------------------
Content-Type: application/pgp-signature; charset="US-ASCII"; 
name="Attachment: 1"
Content-Transfer-Encoding: 7bit
Content-Description: 
- ----------------------------------------

- -- 
"Nihil tam munitum quod non expugnari pecunia possit." (No 
fortification is such that it cannot be subdued with money.)
- - Marcus Tullius Cicero, 106-43 B.C.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7do21A68l26XsZUYRApeBAJ9p9Dt9PAAYS8gBluoVTxhkuVSFIwCgoctv
hqS5f/TfEdrXYQoyGuz/zF0=
=VGS8
-----END PGP SIGNATURE-----