Samba on a router; doesn't work for outer network.

Rob spamrefuse at
Mon Jan 3 22:48:35 PST 2005

James Jhai wrote:
> On Monday 03 January 2005 08:45 am, Rob wrote:
>>James Jhai wrote:
>>>On Monday 03 January 2005 07:12 am, Rob wrote:
>>>>I have tried to configure Samba on a FreeBSD (5.3) router & NAT.
>>>>I want to have a single accessible directory with a password,
>>>>that can be accessed from the inner network (10.0.0.X) as well
>>>>as from the outer network (outer network = Windows PCs that use
>>>>the same external router as the FreeBSD PC).
>>>>It works for the inner network, but not for the outer network
>>>>(see below for network scheme). All Windows PCs are XP.
>>>>For testing this, I use an 'open' firewall. I should tighten the
>>>>firewall as soon as this is working.
>>>>The /usr/local/etc/smb.conf (configured with swat) is as follows:
>>>>#------------ smb.conf ----------------------------------
>>>>        workgroup = CISR
>>>>        netbios name = SURFACE
>>>>        server string = FreeBSD Samba Server
>>>>        passdb backend = tdbsam
>>>>        log file = /var/log/samba/log.%m
>>>>        max log size = 50
>>>>        dns proxy = No
>>>>        ldap ssl = no
>>>>        comment = Shared stuff
>>>>        path = /home/share
>>>>        invalid users = @wheel
>>>>        valid users = share
>>>>        read only = No
>>>>        force create mode = 0700
>>>>        force security mode = 0700
>>>I belive you'll have to add the "interfaces" option and define all the interfaces that you 
>>>want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...).
>>>In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help
>>>on the option will give you more details.
>>I have added following lines in the [global] section of smb.conf:
>>         interfaces = fxp0, rl0, lo0
>>         bind interfaces only = Yes
>>         hosts allow =,,
>>         hosts deny = ALL
>>Is that what you are talking about?
>>rl0 interface is connected to the inner-network and
>>fxp0 is connected to the outer-network with gateway
>>(I use real IP addresses instead of, of course).
> Yes thats what I was talking about. Did that fix the problem?

No, it didn't.
I'm now teaching the Windows guys how to use sFtp to connect to
the router; probably the most secure way of communication, I guess.
In that case I will abandon samba altogether.

Thanks for your help.


More information about the freebsd-questions mailing list