im not quite clear on this,...im running redhat 6.2,..my box has two
NICS,...eth0 is my public ip and eth1 is private ip (10.0.0.1)
I want samba to bind nmbd and smbd daemons to 10.0.0.1 not my public ip, for
security....basically I want to run samba on my lan,..but not have the samba
daemons bind to my public ip....so when u run nmap on my public ip, u don't
see ports 139 and 138 open.
Heres what I have now
[global]
workgroup = STUDIO54
encrypt passwords = yes
#Networking configuration options
hosts allow = 24.42.100.236 localhost
interfaces = 10.0.0.1/8
bind interfaces only = yes
ip 24.42.100.236 is my winNT 4.0 server
this is not working,..is there something I'm leaving out??
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 1768 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20001109/b96a8d8c/winmail.bin
On Thu, 9 Nov 2000, digitalconscious.com wrote:> I want samba to bind nmbd and smbd daemons to 10.0.0.1 not my public ip, for > security....basically I want to run samba on my lan,..but not have the samba > daemons bind to my public ip....so when u run nmap on my public ip, u don't > see ports 139 and 138 open. >A quick and simple way is to block all traffic going to ports 139 and 138 on eth0 using ipchains: /sbin/ipchains -A input -p tcp -i eth0 -s 0.0.0.0/0 -d <your public ip> \ 137:139 -j REJECT /sbin/ipchains -A input -p udp -i eth0 -s 0.0.0.0/0 -d <your public ip> \ 137:139 -j REJECT Hope that helps, dave
Can you ping your NT server from your Linux box? As far as I can see this cannot work because your NT server is on 24.0.0.0/8 and your Linux is on 10.0.0.0/8 and these are different nets. You will have to configure your eth1 to address 24.x.x.x and say "interfaces = 24.0.0.0/8". Tobias digitalconscious.com wrote:> im not quite clear on this,...im running redhat 6.2,..my box has two > NICS,...eth0 is my public ip and eth1 is private ip (10.0.0.1) > > I want samba to bind nmbd and smbd daemons to 10.0.0.1 not my public ip, for > security....basically I want to run samba on my lan,..but not have the samba > daemons bind to my public ip....so when u run nmap on my public ip, u don't > see ports 139 and 138 open. > > Heres what I have now > > [global] > workgroup = STUDIO54 > encrypt passwords = yes > > > #Networking configuration options > hosts allow = 24.42.100.236 localhost > interfaces = 10.0.0.1/8 > bind interfaces only = yes > > > ip 24.42.100.236 is my winNT 4.0 server > > this is not working,..is there something I'm leaving out??