setting range of ips allowed to browse samba..
Joel at HammersHome.com
Sat Oct 6 06:57:02 GMT 2001
> Ive heard about CIDR, and want to know how do i set the allowable range of ips lets say from 192.168.0.50 to 192.168.0.100 only using the CIDR method, to access, use, or browse a samba.
> The only way i know is just to type
> 192.168.0.0 then the netmask would be 255.255.255.0 but then it would allow me to use the class C ip address from
> 192.168.0.1 - 255,
> The thing is that i want to customize my setting and allow only 192.168.0.50-100 range of ip address.
I have never done what you want to do, but:
It sounds like you want samba to use ip's with variable length subnet masks in its hosts allow
Samba can do that, but can your network handle such ip's ? I think you
should read about VLSM.
I don't think, from my reading, that you can specify arbitrary ranges of
IP's with CDIR, at least not with the simple ip/netmask notation. For example,
with a netmask of 255.255.255.224, (11111111.11111111.11111111.11100000)
you get 8 networks with 32 ip's each. The
network address for each network is predefined for you
(0,32,64,96,128,160,192,and 224), as are the broadcast addresses.
For example, if you use the simple ip/netmask notation, eg. 192.168.0.50/27, you get the
following predefined results:
network address 192.168.0.32
broadcast address 192.168.0.63
netmask of 255.255.255.224
I know these numbers are right because they come right out of a book!
As an alternative, you might read the samba documentation for ways to limit ip ranges.
Don't forget brute force. An include file with the desired ip numbers would
be a nice, easy, brainless solution. It would have the advantage of
probably working just fine. And, it would allow you to customize it easily.
If you want to get fancy, you could make a preexec script which looked
at the ip of the requesting machine, and which rejected the request based on
the ip number.
More information about the samba