I think you just have to put in smb.conf something like bind interfaces only = yes interfaces = eth0 eth1 lo
No ?? ----- Original Message ----- From: "Thomas Werner" <[EMAIL PROTECTED]> To: "Jean LEE" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, June 15, 2004 4:33 PM Subject: Re: [Samba] listenning on interfaces > on friday i have to install a 2nd samba server on 1 machine with 2 network > cards. if bind interfaces only is set i think is not a problem to run 2 smbd > daemons. but i red that in man pages that nmbd always listen on 0.0.0.0 and > drops the packets which doesnt match with the addresses af parameter list. > in that case is not possible to run different instances on one machine?! > > help! > > cheers tom > > > On 15.06.2004 16:02 Uhr, "Jean LEE" <[EMAIL PROTECTED]> wrote: > > > Hi, > > > > Thanks for your answer. I'm surprised. > > There's no way in smb.conf to tell : "I don't want that nmbd listens on > > 0.0.0.0/0" ? > > > > Regards, > > > > Jean > > > > ----- Original Message ----- > > From: "Thomas Werner" <[EMAIL PROTECTED]> > > To: "Jean LEE" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > > Sent: Tuesday, June 15, 2004 11:00 AM > > Subject: Re: [Samba] listenning on interfaces > > > > > >> maybe iptables? but dont forget to open some ports for the clients: > >> > >> 111.tcp > >> 137.udp > >> 138.udp > >> 139.tcp > >> 22.tcp > >> 2222.udp > >> 445.tcp > >> 631.tcp > >> 67.udp > >> 80.tcp > >> and maybe 88.tcp for ads > >> > >> for example on a share connect. the xp clients look for a webserver on 80 > > to > >> show the folder/drive content, the same for port 2222. if you drop the > >> packets, the home drive is slow, because the client timed out and get no > >> answer for special kind of service/feature. > >> > >> cheers tom > >> > >> On 15.06.2004 10:11 Uhr, "Jean LEE" <[EMAIL PROTECTED]> wrote: > >> > >>> Hello, > >>> > >>> I am new to samba and i would to well secure it. > >>> > >>> In smb.conf, I entered the following lines : > >>> > >>> hosts allow = 192.168.0.2 127.0.0.1 > >>> hosts deny = 0.0.0.0/0 > >>> bind interfaces only = yes > >>> interfaces = eth0 lo > >>> > >>> I thought that it would only listens on the local machine and my > > internal Lan > >>> (which is on eth0 192.168.0.1) but nmbd seems to always listen on > > UDP/137 and > >>> UDP/138 (netbios-ns and netbios-dgm) on 0.0.0.0/0. Here is the output of > >>> netstat : > >>> > >>> [EMAIL PROTECTED] user]# netstat -taup > >>> Active Internet connections (servers and established) > >>> Proto Recv-Q Send-Q Local Address Foreign Address > >>> State PID/Program name > >>> tcp 0 0 192.168.0.1:netbios-ssn *:* > >>> LISTEN 3800/smbd > >>> tcp 0 0 ServeurLinu:netbios-ssn *:* > >>> LISTEN 3800/smbd > >>> tcp 0 0 ServeurLinux:ipp *:* > >>> LISTEN 3707/cupsd > >>> tcp 0 0 192.168.0.:microsoft-ds *:* > >>> LISTEN 3800/smbd > >>> tcp 0 0 ServeurLin:microsoft-ds *:* > >>> LISTEN 3800/smbd > >>> udp 0 0 192.168.0.1:netbios-ns *:* > >>> 3804/nmbd > >>> udp 0 0 *:netbios-ns *:* > >>> 3804/nmbd > >>> udp 0 0 192.168.0.1:netbios-dgm *:* > >>> 3804/nmbd > >>> udp 0 0 *:netbios-dgm > > *:* > >>> 3804/nmbd > >>> > >>> > >>> What is netbios-ns and netbios-dgm? I would prefer that nmbd doesn't > > listen on > >>> *:netbios-ns and *:netbios-dgm because I will connect my server to the > >>> internet through eth1 10.0.0.1. How can I do it? > >>> > >>> Thanks for any help. > >>> > >>> Jean Lee. > >>> -- > >>> To unsubscribe from this list go to the following URL and read the > >>> instructions: http://lists.samba.org/mailman/listinfo/samba > >>> > >> > >> Dipl. Betriebswirt(BA) f. Inf. Thomas Werner > >> Webmaster / Network Administrator > >> ESMT European School of Management and Technology GmbH > >> Schlossplatz 1 > >> D-10178 Berlin > >> Germany > >> > >> Tel: +49 (0)30 21231 - 1085 > >> Fax: +49 (0)30 21231 - 9 > >> E-mail: [EMAIL PROTECTED] > >> Web: http://www.esmt.org > >> > >> > >> > > > > Dipl. Betriebswirt(BA) f. Inf. Thomas Werner > Webmaster / Network Administrator > ESMT European School of Management and Technology GmbH > Schlossplatz 1 > D-10178 Berlin > Germany > > Tel: +49 (0)30 21231 - 1085 > Fax: +49 (0)30 21231 - 9 > E-mail: [EMAIL PROTECTED] > Web: http://www.esmt.org > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
