-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oliver Gerlich wrote: > Ross Kendall Axe schrieb: > >>>Oliver Gerlich wrote: >>> >>> >>>>>The "problem" is that I start vde_switch and the bridging not at boot, >>>>>but when I want to run Qemu. So then I have to restart Samba to bind to >>>>>to br0 instead of eth0. Not so much of a problem though... Only I don't >>>>>know what other services already rely on eth0 as my network interface :) >>> >>> >>>You've got the 'Bind interfaces only' option turned on in Samba haven't >>>you? Turn it off and your problem will disappear. >>> >>>As to what other programs care about interfaces appearing/disappearing, >>>run 'netstat -ltup' to see who's listening where. Anything listening on >>>'*:portnumber' probably doesn't care. > > > Thanks for your ideas; but I try to run every service bound to specific > interfaces (lo and/or eth0), so I don't get into problems when attaching > eg. a direct internet connection or WLAN. > > >>>Ross > > > Oliver >
I personally tend to rely more on tcpwrappers and a strong firewall for this kind of access control, and that's not even mentioning the password protection on everything :-). However, in the specific case of Samba, you can still do interface based access control without using the "bind interfaces only" option. It will still only accept connections on the interfaces you specify, but the problem you're having will go away. This is all strictly IMHO, of course. Ross -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.7 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC1IQ59bR4xmappRARAic5AJ4sBnDMvqbnM2y+PxoH610WHFgrLgCgnEvM w4yPf1ElMLyEbUWZXQvDCB8= =VZmx -----END PGP SIGNATURE----- _______________________________________________ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel