similar to: Crypto API and Shorewall

Hi all, I would like to do something like this at Samba level: hosts allow = subnet1/mask1 subnet2/mask2 etc hosts deny = * But this doesn't seem to work (machine that are not in subnet1 and not in subnet2 still have access) I think the * is not understood by Samba, I tried ALL, this didn't work either. I'm gonna check the samba source code but if I could get an expert answer

I have 1 100MB NIC with two 2MB-subnets trough a router behind it. I''d like to create multiple default classes: 1: + |\_ 1:10 default, ceiling 100000kbit, rate 96000kbit | |\_ 1:11 ceiling 2048kbit, rate 2048kbit | | | |\_1:110 ceiling 2048kbit, rate 1536kbit | \_1:111 ceiling 2048kbit, rate 512kbit (default subnet1) | \_ 1:12 ceiling 2048kbit, rate

good morning all, i have an interesting issue with browsing. details: i have three subnets. (subnet1, subnet2, and subnet3) i have a samba server on each subnet. (samba1, samba2, and samba3) i have a windows 2000 server on subnet1. (m$1) samba1 is the domain master and wins server with ip 192.168.0.1 win2k clients authenticate to their local server and wins is set to 192.168.0.1. when i run a

Hi there. Currently, our network design has two ISP lines and 3 subnets for LAN. Below are some details :- eth0 - isp1 eth1 - isp2 eth2 - subnet1 eth3 - subnet2 eth4 - subnet3 What i wanted to do is to assign incoming port 80 to our local squid server running on the firewall itself and assigned it to eth0(ISP1). I think it shouldnt be a problem as /etc/shorewall/rules provides a sample of the

Hi, I am configuring a network with two subnets with a different workgroup in each subnet. My aim is to have users being able to view and access shares on both workgroups. I have a Samba server in each subnet/workgroup, configured as both the domain and local master for each workgroup. Each server is also the WINS server for its subnet. The setup is like this: Subnet1: network -

Hi! I have a problem with samba, that I don't know if it's possible to solve. This is my network: <Subnet1>-Ethernet-<Gateway>-Ethernet-<Subnet2>-Internet Subnet1 is my own local network (bcast 192.168.1.255), Gateway is my own gateway machine (FreeBSD4.4, IPs: 192.168.1.1 and 193.13.35.101), Subnet2 is my neighbours (bcast 193.13.255.255). I can configure all

Greetings, I just received some netweb-301 phones frm Seshu down in NJ. I cannot for the life of me get it to register with the asterisk server, nor upgrade the firmware to the latest (1.41) i'm still using 1.37. The packets are traversing the router, going into the other subnet, hitting the asterisk box, but not actually making it to asterisk. Nothing in the asterisk logs, but tcpdump

Hello Kevin, We have a  Samba/Windows20008R2 domain that's been running a few years now. Here are the details: * clients auth with SSSD (ldap, kerberos, ldap_schema=rfc2307bis) * idmap * samba on clients/server for joining domain We have scripts that automatically create users with UnixHomeDir, UID and GUID numbers within AD. I don't know about using WInbind...  I dropped that

I've got a pretty large lan at the moment and we are moving into a new office building next week. I'm looking at splitting the lan into seperate networks. At this stage I have one samba DC that does netlogon, roaming profiles etc for all clients. I'm not using LDAP with samba and won't be able to too soon as the change would be major. I have a ldap server used for qmail /

Hi all, I''ve been using Shorewall 1.42 for a month on two firewalls at work and my own personal colocated server and love it. While pretty familiar with iptables, I don''t like dealing with it on a daily basis, and Shorewall certainly makes life easier. I''ve deployed Shorewall on both our Toronto and Ottawa office firewalls, and have configured a FreeS/WAN IPSEC

In my /var/log/messages file, in recent days I have been receiving numerous messages such as: Jun 23 15:02:50 OUR-HOST named[577]: sysquery: nslookup reports danger (dns.SUBNET1.OTHER.DOMAIN.AAA.BBB.CCC.in-addr.arpa) Jun 23 15:02:51 OUR-HOST named[577]: sysquery: nslookup reports danger (HOST2.SUBNET2.OTHER.DOMAIN.AAA.BBB.CCC.in-addr.arpa) Jun 23 15:02:51 OUR-HOST named[577]: sysquery:

hi list, this is my first posting in the list here. At the moment I am reading the Advanced Traffic..... How-To. perhaps some one can tell me how to realize my idea. We have a data-server which is used by different subnets in our company. now I want wo put a linux-box in front the dataserver which control traffic usage to the different subnet´s. is it possible to do this transparent and

Tuomo Soini wrote: > You don''t happen to read shorewall-devel mailinglist ? I read it -- I just didn''t know what to make of your post and it arrived while I was on vacation. What exactly are you trying to accomplish that Shorewall isn''t doing for you now? e.g. /etc/shorewall/zones rw Roadwarriors Road Warriors /etc/shorewall/interfraces rw ipsec+

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I''m trying to setup a central IPSEC-Gateway with several ipsec tunnels. Some are to be routed over one leased line, some over the other leased line. Both leased lines have their own public ip adress. The setup looks kinda like this: eth1(ipsec0)--ISP0--Internet--eth1-Linux1-eth0--Subnet1 /

Hi, Is there a way in Linux to do NAT with a pool of outside addresses such that each connection to the outside resource gets a different IP address?? I don''t want 1:1 NAT as I have some thousands of IP addresses on one side of the LARTC router that _may_ need to access a resource on the other side... The resource needs to see a different IP address for each active call, but these

These two networks can be the same, i.e. the VPN can be an extension of your local network, sharing the same subnet. That's one the many ways things can be set up. The same result can be achieved through other ways (e.g. Ethernet-level bridging). This does not contradict my earlier statement: a subnet can be *both* inside *and* outside the VPN, depending on the scenario. The Subnet

I started with one dc, 'dc1', running samba v4.0.21, in subnet1. I successfully added two more dc's, 'dc2' and 'dc3', both running samba v4.0.24, both in subnet2. There are several firewalls between subnets 1 & 2. I continued to make firewall holes on behalf of msad after I added dc's 2 & 3. I.e. when they were added, there were patterns of communication

I am using tinc to connect together VPCs in AWS across multiple regions and accounts to provide secure communication. For the most part, it works great. A few times, I have seen issues where something got into an unstable state that didn't seem to resolve itself. Shutting down tinc on all hosts and restarting seemed to do the trick, but I'd like to see if there is something that I can

We are testing tinc inside Google Compute within a single region and an external region. Two boxes are created as follows: /etc/tinc/test/tinc_test_1 Subnet = 10.240.0.0/16 Subnet = 10.240.0.4/32 Address = 104.154.59.151 /etc/tinc/test/tinc_test_2 Subnet = 10.240.0.0/16 Subnet = 10.240.0.5/32 Address = 104.197.132.141 /etc/tinc/test/tinc.conf Name = $HOST AddressFamily = ipv4 Interface = tun0

My Problem is: I can't connect with a Win2kmachine to Sambaserver2 witch get the passwords on Sambaserver1. I can create the machine account, but I can't login with a user. Also i have to create a smbpasswd (with the machineaccount only) on Sambaserver2, otherwise the Sambaserver2 isn't able to check the W2kclients machineaccount on sambaserver1 and the message appears "Can't