Their FAQ states that their "product" will not work with a glibc based
Linux
and it specifically says it will not work with any Red Hat higher than 4.2.
I'm going to try ipchains, though. Thanks for the pointer.
--- "A.J. Leitell" <lordacid@ispchannel.com>
wrote:> Use IpFilter and set up your rules so that the networks cannot access each
> other... read about it at:
>
> http://coombs.anu.edu.au/~avalon/ip-filter.html
>
> ----- Original Message -----
> From: "Mike Fedyk" <mfedyk@matchmail.com>
> To: <faber@linuxnj.com>
> Cc: <samba@lists.samba.org>
> Sent: Friday, December 22, 2000 9:09 PM
> Subject: Re: Is this possible?
>
>
> > Faber Fedor wrote:
> > >
> > > I've got an interesting little set-up that I can't figure
out. I'm
> hoping
> > > someone here knows what I need to do. Basically, I need to be
able to
> restrict
> > > home directories by interfaces. Here are the details:
> > >
> > > My samba box NFS mounts /export/home from a Sun box onto /home.
My samba
> box
> > > has multiple interfaces (virtual LANS, but we can think of them
as
> separate
> > > NICs (at least I do!)). Let's say I've got two vlans,
192.168.1.0/24
> and
> > > 192.168.2.0/24.
> > >
> > > If I set up the /home shares as separate shares, I can restrict
access
> based on
> > > interfaces. The problem with this is that the people on the .1
network
> can see
> > > (but not access) the shares on the .2 network.
> > >
> > > If I set up the /home shares as [homes], the user will see only
their
> share.
> > > But this has the following problem: A user from network .2 can
logon to
> the .1
> > > network and see his share. This is not a Good Thing since the
neworks
> are
> > > owned by two different companies.
> > >
> > > So, in a nutshell, I need to one samba server to have shares that
are
> invisible
> > > on one network but browseable on another *and* to restrict access
of
> [homes]
> > > directory by network.
> > >
> > > Any ideas? Any one? Any one? Bueller?
> > >
> > > ====> > > Sincerely,
> > >
> > > Faber Fedor
> > >
> > Look into the "include" directive with a couple variables.
I'd have
> different
> > [homes] based on primary group if possible.
> >
> > I've played around with it a little while, and you can do some
really nice
> > things with it. Although I'm not sure where the %g and %G are
defined
> during
> > login.
> >
> > HTH
> >
> > Mike
> >
> >
>
>
====Sincerely,
Faber Fedor
LinuxNJ.com - Linux and Open Source solutions for New Jersey
http://www.linuxnj.com
__________________________________________________
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/