[Samba] Is it possible to set the protocol for a single client

Rowland penny rpenny at samba.org
Wed Feb 10 20:30:53 UTC 2021

On 10/02/2021 20:16, Jeremy Allison wrote:
> On Wed, Feb 10, 2021 at 12:14:06PM -0800, Jeremy Allison via samba wrote:
>> On Wed, Feb 10, 2021 at 08:02:41PM +0000, Rowland penny wrote:
>>> On 10/02/2021 19:46, Jeremy Allison wrote:
>>>> Matching on the remote hostname (%M) is
>>>> done at socket accept time (it's how
>>>> we handle the "hosts allow/ hosts deny"
>>>> parameters.
>>>> This is *before* the negprot is processed,
>>>> so if there is an include that adds
>>>> "server minimum protocol = NT1" it
>>>> will allow the client that matches
>>>> to connect using SMB1, but all others
>>>> will be restricted to SMB2+.
>>> OK, I can understand that, but are you saying that if there is a 
>>> line like 'include = /path/to/smb.conf.%M' in smb.conf and there is 
>>> a file called smb.conf.clientname in /path/to , then the contents of 
>>> that will be used instead of what is in the main smb.conf ?
>> Not instead of, included at that point.
>>> Wouldn't you have to reload the samba config ?
>> et voila !
>> source3/smbd/process.c:smbd_process()
>> 4114         /* this is needed so that we get decent entries
>> 4115            in smbstatus for port 445 connects */
>> 4116         set_remote_machine_name(remaddr, false);
>> 4117         reload_services(sconn, conn_snum_used, true);
>> Remember, Samba is *old* and has many, many
>> strange wrinkles that were added a long time
>> ago :-).
> This "feature" was commonly used a long time
> ago to present different shares to different
> client machines depending on IP address/name. It has been that

It has been that long since I last used 'include' , I  have forgotten 
what little I knew about it, though I vaguely  remember using it for shares.

I still don't think using SMBv1 is a good idea, but needs must when the 
devil drives 😁


More information about the samba mailing list