[Samba] Is it possible to set the protocol for a single client
rpenny at samba.org
Wed Feb 10 20:30:53 UTC 2021
On 10/02/2021 20:16, Jeremy Allison wrote:
> On Wed, Feb 10, 2021 at 12:14:06PM -0800, Jeremy Allison via samba wrote:
>> On Wed, Feb 10, 2021 at 08:02:41PM +0000, Rowland penny wrote:
>>> On 10/02/2021 19:46, Jeremy Allison wrote:
>>>> Matching on the remote hostname (%M) is
>>>> done at socket accept time (it's how
>>>> we handle the "hosts allow/ hosts deny"
>>>> This is *before* the negprot is processed,
>>>> so if there is an include that adds
>>>> "server minimum protocol = NT1" it
>>>> will allow the client that matches
>>>> to connect using SMB1, but all others
>>>> will be restricted to SMB2+.
>>> OK, I can understand that, but are you saying that if there is a
>>> line like 'include = /path/to/smb.conf.%M' in smb.conf and there is
>>> a file called smb.conf.clientname in /path/to , then the contents of
>>> that will be used instead of what is in the main smb.conf ?
>> Not instead of, included at that point.
>>> Wouldn't you have to reload the samba config ?
>> et voila !
>> 4114 /* this is needed so that we get decent entries
>> 4115 in smbstatus for port 445 connects */
>> 4116 set_remote_machine_name(remaddr, false);
>> 4117 reload_services(sconn, conn_snum_used, true);
>> Remember, Samba is *old* and has many, many
>> strange wrinkles that were added a long time
>> ago :-).
> This "feature" was commonly used a long time
> ago to present different shares to different
> client machines depending on IP address/name. It has been that
It has been that long since I last used 'include' , I have forgotten
what little I knew about it, though I vaguely remember using it for shares.
I still don't think using SMBv1 is a good idea, but needs must when the
devil drives 😁
More information about the samba