Re: Samba on a router; doesn't work for outer network.

Mon, 03 Jan 2005 07:45:34 -0800

James Jhai wrote: 
On Monday 03 January 2005 07:12 am, Rob wrote:

Hi,

I have tried to configure Samba on a FreeBSD (5.3) router & NAT.

I want to have a single accessible directory with a password,
that can be accessed from the inner network (10.0.0.X) as well
as from the outer network (outer network = Windows PCs that use
the same external router as the FreeBSD PC).

It works for the inner network, but not for the outer network
(see below for network scheme). All Windows PCs are XP.

For testing this, I use an 'open' firewall. I should tighten the
firewall as soon as this is working.

The /usr/local/etc/smb.conf (configured with swat) is as follows:

#------------ smb.conf ----------------------------------
[global]
        workgroup = CISR
        netbios name = SURFACE
        server string = FreeBSD Samba Server
        passdb backend = tdbsam
        log file = /var/log/samba/log.%m
        max log size = 50
        dns proxy = No
        ldap ssl = no

[share]
        comment = Shared stuff
        path = /home/share
        invalid users = @wheel
        valid users = share
        read only = No
        force create mode = 0700
        force security mode = 0700
#---------------------------------------------------------



I belive you'll have to add the "interfaces" option and define all the interfaces that you want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...).
In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help
on the option will give you more details. 

Thanks.

I have added following lines in the [global] section of smb.conf:

        interfaces = fxp0, rl0, lo0
        bind interfaces only = Yes
        hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1
        hosts deny = ALL

Is that what you are talking about?
rl0 interface is connected to the 10.0.0.0/24 inner-network and
fxp0 is connected to the outer-network with gateway 123.45.67.1.
(I use real IP addresses instead of 123.45.67.89, of course).

Rob.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to