[Samba] security in a multi segment network
Kurt Weiss
input.maillists at kwnet.at
Fri Feb 7 11:19:37 GMT 2003
for this problem i have a (relative unsecure) network. unfortunally i'm
not the network admin, so i have to try to get samba secure...
situation:
three network segments. two are running direct on the samba server:
192.168.10.0/24
192.168.30.0/24
the third is comeing over a hardware-gateway (192.168.10.253) via
NAT/masquerading.
so i configured in smb.conf:
interfaces = 192.168.10.0/24 192.168.30.0/24
bind interfaces only = yes
hosts allow = 192.168.10. 192.168.30. EXCEPT 192.168.10.1 EXCEPT
192.168.30.1
the problem:
i try to access the server from 192.168.20.0 -> access allowed, cause
samba cannot see, that it's a 20 segment (masquerading).
question:
how can i samba tell, not to answer masqueraded requests?
More information about the samba
mailing list