Redhat Security

Mike Fedyk mikef at matchmail.com
Fri Mar 9 22:52:13 GMT 2001


On Fri, Mar 09, 2001 at 05:43:49PM -0500, Michael Blinn wrote:
> I would like to address this same question. Though I have "hosts allow
> =192.168." AND "interfaces = eth1 192.168.168.2/23 127.0.0.1/24" lines in
> my smb.conf file, other DSL customers using my same ISP are apparently
> sync'ing with my nmbd over my public eth0 interface.
> I know I can block everything out using ipchains (and will!) however I'm
> currently testing a new VPN setup and want to keep things open to rule
> that out as a source of blocking. Can I perhaps be using the parameters
> incorrectly?
> 
> Should I also use the "bind interfaces only" parameter?
> 
Yes, but read the man page for that parameter too.

IIRC the only way to keep samba from interacting on all interfaces
*entirely* instead of partailly, you have to block the ports through port
filtering.  nmbd will still receive broadcasts on your dsl interface, iirc.

Mike




More information about the samba mailing list