Samba on a router; doesn't work for outer network.

Rob spamrefuse at yahoo.com
Mon Jan 3 07:45:14 PST 2005 

James Jhai wrote:
> On Monday 03 January 2005 07:12 am, Rob wrote:
> 
>>Hi,
>>
>>I have tried to configure Samba on a FreeBSD (5.3) router & NAT.
>>
>>I want to have a single accessible directory with a password,
>>that can be accessed from the inner network (10.0.0.X) as well
>>as from the outer network (outer network = Windows PCs that use
>>the same external router as the FreeBSD PC).
>>
>>It works for the inner network, but not for the outer network
>>(see below for network scheme). All Windows PCs are XP.
>>
>>For testing this, I use an 'open' firewall. I should tighten the
>>firewall as soon as this is working.
>>
>>The /usr/local/etc/smb.conf (configured with swat) is as follows:
>>
>>#------------ smb.conf ----------------------------------
>>[global]
>>         workgroup = CISR
>>         netbios name = SURFACE
>>         server string = FreeBSD Samba Server
>>         passdb backend = tdbsam
>>         log file = /var/log/samba/log.%m
>>         max log size = 50
>>         dns proxy = No
>>         ldap ssl = no
>>
>>[share]
>>         comment = Shared stuff
>>         path = /home/share
>>         invalid users = @wheel
>>         valid users = share
>>         read only = No
>>         force create mode = 0700
>>         force security mode = 0700
>>#---------------------------------------------------------
>>
>>
> 
> I belive you'll have to add the "interfaces" option and define all the interfaces that you 
> want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...).
> In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help
> on the option will give you more details.

Thanks.

I have added following lines in the [global] section of smb.conf:

         interfaces = fxp0, rl0, lo0
         bind interfaces only = Yes
         hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1
         hosts deny = ALL

Is that what you are talking about?
rl0 interface is connected to the 10.0.0.0/24 inner-network and
fxp0 is connected to the outer-network with gateway 123.45.67.1.
(I use real IP addresses instead of 123.45.67.89, of course).

Rob.

More information about the freebsd-questions mailing list