James Jhai wrote:
On Monday 03 January 2005 08:45 am, Rob wrote:
James Jhai wrote:
On Monday 03 January 2005 07:12 am, Rob wrote:
Hi,
I have tried to configure Samba on a FreeBSD (5.3) router & NAT.
I want to have a single accessible directory with a password,
that can be accessed from the inner network (10.0.0.X) as well
as from the outer network (outer network = Windows PCs that use
the same external router as the FreeBSD PC).
It works for the inner network, but not for the outer network
(see below for network scheme). All Windows PCs are XP.
For testing this, I use an 'open' firewall. I should tighten the
firewall as soon as this is working.
The /usr/local/etc/smb.conf (configured with swat) is as follows:
#------------ smb.conf ----------------------------------
[global]
workgroup = CISR
netbios name = SURFACE
server string = FreeBSD Samba Server
passdb backend = tdbsam
log file = /var/log/samba/log.%m
max log size = 50
dns proxy = No
ldap ssl = no
[share]
comment = Shared stuff
path = /home/share
invalid users = @wheel
valid users = share
read only = No
force create mode = 0700
force security mode = 0700
#---------------------------------------------------------
I belive you'll have to add the "interfaces" option and define all the interfaces that you
want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...).
In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help
on the option will give you more details.
Thanks.
I have added following lines in the [global] section of smb.conf:
interfaces = fxp0, rl0, lo0
bind interfaces only = Yes
hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1
hosts deny = ALL
Is that what you are talking about?
rl0 interface is connected to the 10.0.0.0/24 inner-network and
fxp0 is connected to the outer-network with gateway 123.45.67.1.
(I use real IP addresses instead of 123.45.67.89, of course).
Yes thats what I was talking about. Did that fix the problem?
No, it didn't.
I'm now teaching the Windows guys how to use sFtp to connect to
the router; probably the most secure way of communication, I guess.
In that case I will abandon samba altogether.
Thanks for your help.
Rob.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"