Did you know LQ has a Linux Hardware Compatibility List?
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 12-21-2006, 02:26 PM   #1
LQ Newbie
Registered: Jan 2005
Location: USA
Posts: 20

Rep: Reputation: 0
securing samba to a particular subnet or eth device?

We have two servers, one running Windows 2003 the other running Redhat Ent. Linux 4. The servers each have dual-port network cards and are on two disjoint networks. They have:

An external address - an IP allocated to us by our ISP, from which we run services to the outside world (http, ftp and ssh on RHEL; ftp and mms on Win2k3)
For example, an IP of 61.209.100.* under a subnet of

An internal address - an IP from behind our firewalled router, from which we want SMB shares accessible at large.
For example, an IP of 192.168.0.* under a subnet of

Now, on the windows machine we have Client and File/Printer sharing disabled on the external connection. What we'd like to do on the RHEL machine is configure samba to only listen on local addresses (192.168.0.*, subnet, OR configure it to only listen from one of the eth devices, whichever is better/safer/easier. Can this be done, and if so, could someone kindly instruct us on how?

I appreciate any response, thanks!
Old 12-21-2006, 02:47 PM   #2
Registered: Feb 2004
Location: USA
Distribution: Debian
Posts: 174

Rep: Reputation: 16
Try this in your smb.conf - replace br0 with the eth device you want Samba to listen on:

interfaces = br0
bind interfaces only = Yes
Old 12-21-2006, 02:48 PM   #3
LQ Guru
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 62
Edit the /etc/samba/smb.conf file. If the default exist then near the top is a line like this.
 ;   hosts allow = 192.168.1. 192.168.2. 127
Change to something like
    hosts allow = 192.168.0. 127
Old 12-22-2006, 10:00 AM   #4
LQ Newbie
Registered: Jan 2005
Location: USA
Posts: 20

Original Poster
Rep: Reputation: 0
fantastic, thanks for the advice! someone else linked me to the samba docs as well, so that will be helpful too.


samba, security

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Set up IP on specific eth device? johnnybhoy67 Linux - Networking 3 10-21-2005 01:33 PM
Need help with shapecfg working with virtual eth device rdmaxx Linux - Networking 1 02-10-2005 05:38 PM
Device 'eth' doesn't exist Moth7 Linux - Networking 2 10-24-2003 05:45 PM
Change Eth Device gamehack Slackware 4 09-01-2003 12:31 PM
Cannot activate eth device kakridge Linux - Networking 4 07-14-2003 09:22 PM

All times are GMT -5. The time now is 04:06 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration