Re: Samba on a router; doesn't work for outer network.

Mon, 03 Jan 2005 22:48:45 -0800

James Jhai wrote: 
On Monday 03 January 2005 08:45 am, Rob wrote:

James Jhai wrote:

On Monday 03 January 2005 07:12 am, Rob wrote:


Hi,

I have tried to configure Samba on a FreeBSD (5.3) router & NAT.

I want to have a single accessible directory with a password,
that can be accessed from the inner network (10.0.0.X) as well
as from the outer network (outer network = Windows PCs that use
the same external router as the FreeBSD PC).

It works for the inner network, but not for the outer network
(see below for network scheme). All Windows PCs are XP.

For testing this, I use an 'open' firewall. I should tighten the
firewall as soon as this is working.

The /usr/local/etc/smb.conf (configured with swat) is as follows:

#------------ smb.conf ----------------------------------
[global]
       workgroup = CISR
       netbios name = SURFACE
       server string = FreeBSD Samba Server
       passdb backend = tdbsam
       log file = /var/log/samba/log.%m
       max log size = 50
       dns proxy = No
       ldap ssl = no

[share]
       comment = Shared stuff
       path = /home/share
       invalid users = @wheel
       valid users = share
       read only = No
       force create mode = 0700
       force security mode = 0700
#---------------------------------------------------------



I belive you'll have to add the "interfaces" option and define all the interfaces that you want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...).
In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help
on the option will give you more details. 

Thanks.

I have added following lines in the [global] section of smb.conf:

        interfaces = fxp0, rl0, lo0
        bind interfaces only = Yes
        hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1
        hosts deny = ALL

Is that what you are talking about?
rl0 interface is connected to the 10.0.0.0/24 inner-network and
fxp0 is connected to the outer-network with gateway 123.45.67.1.
(I use real IP addresses instead of 123.45.67.89, of course).

Yes thats what I was talking about. Did that fix the problem? 

No, it didn't.
I'm now teaching the Windows guys how to use sFtp to connect to
the router; probably the most secure way of communication, I guess.
In that case I will abandon samba altogether.

Thanks for your help.

Rob.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to