securing samba to a particular subnet or eth device?
We have two servers, one running Windows 2003 the other running Redhat Ent. Linux 4. The servers each have dual-port network cards and are on two disjoint networks. They have:
An external address - an IP allocated to us by our ISP, from which we run services to the outside world (http, ftp and ssh on RHEL; ftp and mms on Win2k3)
For example, an IP of 61.209.100.* under a subnet of 255.255.255.244
An internal address - an IP from behind our firewalled router, from which we want SMB shares accessible at large.
For example, an IP of 192.168.0.* under a subnet of 255.255.255.0
Now, on the windows machine we have Client and File/Printer sharing disabled on the external connection. What we'd like to do on the RHEL machine is configure samba to only listen on local addresses (192.168.0.*, subnet 255.255.255.0), OR configure it to only listen from one of the eth devices, whichever is better/safer/easier. Can this be done, and if so, could someone kindly instruct us on how?
I appreciate any response, thanks!