Running Samba on a masquerading router
Marcel de Riedmatten
mdr at dotforge.ch
Fri Nov 9 05:43:02 GMT 2001
On Fri, Nov 09, 2001 at 12:38:33PM +0000, smh at sophos.com wrote:
> Hi,
>
> I'm running Samba 2.2.1 on a NAT machine. Only hosts from the
> private net are allowed access (hosts allow and interfaces set to
> the private network only). My problem is that domains from the
> 'public' network are still appearing on my private network, albeit
> inaccessible. It's almost as if the browse-list mechanism is
> picking them up on the public interface.
>
> Is there a way to prevent nmbd/smbd from doing this? Is this
> caused by some other miss-configuration? I'm running Linux,
> kernel 2.4.6 with ipchains.
nmbd listen on 0.0.0.0 for broadcast even if you use
bind interfaces only = True
You should block incomming udp packets for port 137 et 138
on the external interface.
>
> Secondly, is it possible to have different shares on different
> interfaces without a second samba installation?
i don't think its possible without a second samba. not sure exactly
what you need here.
--
Marcel de Riedmatten
pgp key: CFE703CA http://ftp.dotforge.ch/pub/users/mdr/mdr.gpg.asc
Empreinte: 4687 F9CB D8E2 AC1A B806 F812 C048 0875 CFE7 03CA
More information about the samba
mailing list