Running Samba on a masquerading router

Marcel de Riedmatten mdr at
Fri Nov 9 05:43:02 GMT 2001

On Fri, Nov 09, 2001 at 12:38:33PM +0000, smh at wrote:
> Hi,
> I'm running Samba 2.2.1 on a NAT machine.  Only hosts from the
> private net are allowed access (hosts allow and interfaces set to
> the private network only).  My problem is that domains from the
> 'public' network are still appearing on my private network, albeit
> inaccessible.  It's almost as if the browse-list mechanism is
> picking them up on the public interface.
> Is there a way to prevent nmbd/smbd from doing this?  Is this
> caused by some other miss-configuration?  I'm running Linux,
> kernel 2.4.6 with ipchains.

nmbd listen on for broadcast even if you use

bind interfaces only = True

You should block incomming udp packets for port 137 et 138
on the external interface.

> Secondly, is it possible to have different shares on different
> interfaces without a second samba installation?

i don't think its possible without a second samba. not sure exactly
what you need here. 

Marcel de Riedmatten
pgp key: CFE703CA                   
Empreinte: 4687 F9CB D8E2 AC1A B806  F812 C048 0875 CFE7 03CA

More information about the samba mailing list