Author Topic: Avoid samba binding to a vlan interfaces  (Read 1622 times)

covex

  • Zen Apprentice
  • *
  • Posts: 15
  • Karma: +3/-1
    • View Profile
Avoid samba binding to a vlan interfaces
« on: December 09, 2020, 10:57:26 am »
I've Zentyal 6 and I created a two vlans in the interfaces, however samba not binds to their IPs and is trying to use the for replays for requests that came on a primary IP. The best would be to avoid this. Is the
checkbox
 External (WAN) Check this if you are using Zentyal as a gateway and this interface is connected to your Internet router.

the way to achieve the samba to not to bind to those vlan IPs?

Thanks.

doncamilo

  • Zen Samurai
  • ****
  • Posts: 478
  • Karma: +165/-1
    • View Profile
- Do my pigeons bother you passing over your land?
- They block the sun!

G. Guareschi., Don Camillo.,

covex

  • Zen Apprentice
  • *
  • Posts: 15
  • Karma: +3/-1
    • View Profile
Re: Avoid samba binding to a vlan interfaces
« Reply #2 on: December 10, 2020, 06:54:04 pm »
Thanks, I do not like to modify stubs - here is a method that should work: there is a /etc/zentyal/samba.conf with "listen" and "listen_external" directives.. so setting the vlans as "external" and  setting "listen_external=no" should work, not sure what else this means for zentyal behavior thou...  not sure how to use the "listen" as there also seems to be only "yes,no" - not sure what this is for setting listen to no would cause most of the zentyal functions to be useless right?


doncamilo

  • Zen Samurai
  • ****
  • Posts: 478
  • Karma: +165/-1
    • View Profile
Re: Avoid samba binding to a vlan interfaces
« Reply #3 on: December 11, 2020, 02:09:52 pm »
 :)

Could be a great solution. Indeed, the samba.conf file isn't generated by templates, so you can change the parameters directly. Actually the change of the listen_external to "no" removes the external interfaces from the smb.conf "interfaces" parameter.

Defining a network interface as external apply the iptables rules configured for external networks and this section of the firewall has a default policy of denying any connection https://doc.zentyal.org/en/firewall.html#firewall-configuration-with-zentyal

So, you'll have to configure the needed firewall rules in order to grant permissions to the usual network traffic in your trunk interface.

Try it and tell us about it!

A great idea.
« Last Edit: December 11, 2020, 02:12:55 pm by doncamilo »
- Do my pigeons bother you passing over your land?
- They block the sun!

G. Guareschi., Don Camillo.,