[Samba] Samba with split personality

Alex Stragies rost0005 at stud.uni-saarland.de
Mon May 13 09:45:25 GMT 2002 

Hi list,

my samba server is connected to 2 networks. In one network this machine is 
just a simple workstation (the lan of our building), but in the other network 
(my private network) i would like it to be the PDC, have different shares, 
and have a different name, etc.

My current setup (excerpt) is this:

NET1 = 192.168.1	#External NET
IP1  = 192.168.1.34	#External IP
NET2 = 192.168.2	#Internal NET
NET2 = 192.168.2.1	#Internal IP (is the gateway for Net2)


[global]
        hosts allow             = 192.168.1 192.168.2
        interfaces              = 192.168.1.0/24 192.168.2.0/24
        bind interfaces only    = Yes
        encrypt passwords       = Yes
        invalid users           = root
        security                = SHARE

        workgroup               = WorkGroup1
        server string           = ServerString1
        netbios name            = EXTNAME
        log file                = /var/log/samba/log.%I
        os level                = 0
        keepalive               = 30
        dns proxy               = No
        local master            = No
        domain master           = No
        preferred master        = No
        wins support            = No
        deadtime                = 10
        lm announce             = No
	include                 = /etc/samba/ip_conf/conf-%I

[SAMPLE]
# Some public share everybody can see 

That way, everybody can at least see the pulic [SAMPLE] share.
To create "individual" behavior for some IPs, i added the "include" line.

in /etc/samba/ip_conf/ i have a bunch of conf-192.168.XXX.XXX files, that now 
basically contain only some share definitions.

This was an easy way of making shares available with varying rights, 
depending on IP, as in : Some of NET1 have ro-access to some shares, all of 
NET2 has access to all shares.

- Problems, and bugs of my setup:
* internal machines dont see the samba machine, but can reach it via \\IP1 
\\IP2 and \\EXTNAME (I have no problems reaching my shares.)
* I cant see the outside network on the PCs at the inside
* Redefining global options in the included files does not seem to work
* I cant specify rules depending on incoming *interface*

the first is not so bad.
the second i would know how to fix, once problem 3 and/or 4 are fixed

the 4th problem is the main culprit, i think. There is no interface 
specification in the list of "%"-Variables. 
I thought about %L, that could be a solution, but how to i make smbd 
broadcast one name to one Net and another to Net2 ?!? That brings me back to 
problem4...

As a workaround, i thought, i'll just redefine some global parameters in the 
include-Files for the internal IPs.
An include file for an internal IP looks like this here:

## Rest of [global] Parameters
        workgroup       = stragies	#the name for the internal network
        netbios name    = fire		#the internal name
        server string   = "Internal Samba Daemon"
        interfaces      = 192.168.2.0/24
        security        = share
        os level        = 50
        local master    = Yes
        browse list     = Yes
        browsable       = Yes

BUT, this does not work!!

The manpage says: include (G)
	This  allows you to include one config file inside another. The file
        is included literally, as though typed in place.

But the old values are not overwritten , i think.

Now, what shall i do?

Comments, Pointers, Solutions?

best regards,
	Alex

More information about the samba mailing list