Samba on a router; doesn't work for outer network.

James Jhai james at idea-anvil.net
Mon Jan 3 19:48:33 PST 2005 

On Monday 03 January 2005 08:45 am, Rob wrote:
> James Jhai wrote:
> > On Monday 03 January 2005 07:12 am, Rob wrote:
> > 
> >>Hi,
> >>
> >>I have tried to configure Samba on a FreeBSD (5.3) router & NAT.
> >>
> >>I want to have a single accessible directory with a password,
> >>that can be accessed from the inner network (10.0.0.X) as well
> >>as from the outer network (outer network = Windows PCs that use
> >>the same external router as the FreeBSD PC).
> >>
> >>It works for the inner network, but not for the outer network
> >>(see below for network scheme). All Windows PCs are XP.
> >>
> >>For testing this, I use an 'open' firewall. I should tighten the
> >>firewall as soon as this is working.
> >>
> >>The /usr/local/etc/smb.conf (configured with swat) is as follows:
> >>
> >>#------------ smb.conf ----------------------------------
> >>[global]
> >>         workgroup = CISR
> >>         netbios name = SURFACE
> >>         server string = FreeBSD Samba Server
> >>         passdb backend = tdbsam
> >>         log file = /var/log/samba/log.%m
> >>         max log size = 50
> >>         dns proxy = No
> >>         ldap ssl = no
> >>
> >>[share]
> >>         comment = Shared stuff
> >>         path = /home/share
> >>         invalid users = @wheel
> >>         valid users = share
> >>         read only = No
> >>         force create mode = 0700
> >>         force security mode = 0700
> >>#---------------------------------------------------------
> >>
> >>
> > 
> > I belive you'll have to add the "interfaces" option and define all the interfaces that you 
> > want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...).
> > In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help
> > on the option will give you more details.
> 
> Thanks.
> 
> I have added following lines in the [global] section of smb.conf:
> 
>          interfaces = fxp0, rl0, lo0
>          bind interfaces only = Yes
>          hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1
>          hosts deny = ALL
> 
> Is that what you are talking about?
> rl0 interface is connected to the 10.0.0.0/24 inner-network and
> fxp0 is connected to the outer-network with gateway 123.45.67.1.
> (I use real IP addresses instead of 123.45.67.89, of course).
> 
> Rob.
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
> 
> 

Yes thats what I was talking about. Did that fix the problem?
-- 
- James

More information about the freebsd-questions mailing list