Yeah ive got that in my smb.conf already.
the only thing wrong is that the hacker still has a chance of getting in using some sort of ip spoofing tool. which wiil allow him to pretend to have a internal network ip.
I use Ipchains with 2.2.18 redhat 7
cheers
_____________________________
Have Fun