Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: Darky on October 21, 2011, 11:25:58 am
-
Hallo,
I need to allow external IPs to access our samba server on a Zentyal 2 machine. I added for testing purposes a allow everything rule to the firewall for an external IP. With this IP one can interact with the DNS and Mail server. Samba however wont work. The firewall shows no activity for Port 445. Checking with telnet the port seems to simply not answere any request.
thanks
-
Is Zentyal's external IP a public one or does it require redirect at router level?
-
My clients can connect to SMB shares through VPN.
-
$ grep external /etc/zentyal/samba.conf
# Listen on external interfaces
listen_external = no
-
Thank you.
If others have the same problem: for me it was (on a Zentyal 2.0 machine) /etc/ebox/samba.conf
Will this file be overwritten at some point? For example when the module will be updatet.
-
Will this file be overwritten at some point? For example when the module will be updatet.
You should better have a look at this:
http://trac.zentyal.org/wiki/Documentation/Community/HowTo/CustomizeConfigFiles (http://trac.zentyal.org/wiki/Documentation/Community/HowTo/CustomizeConfigFiles)
-
Thanks. Funny that no one mentioned this after I complained, that an update modified the templates. :)
Is there an example in which not a line is added, but an existing line modified? I actually could use it for
changing the postfix template to not use HELO.
-
You don't need a custom stub to listen on external interfaces, we already have a configkey for that, which should be the preferred way in order not to miss any upgrade on the default stub. Configuration files are not overwritten with upgrades and are included in the configuration backup.
-
Is there an example in which not a line is added, but an existing line modified? I actually could use it for
changing the postfix template to not use HELO.
I'd use sed:
sed 's/smtpd_helo_required = yes/smtpd_helo_required = no/g' -i /etc/postfix/main.cf
-
You don't need a custom stub to listen on external interfaces, we already have a configkey for that, which should be the preferred way in order not to miss any upgrade on the default stub. Configuration files are not overwritten with upgrades and are included in the configuration backup.
Good to know. How can we know in advance what is kept vs. what is not ??? and therefore where and when hooks have to be used. Sure one way is to apply some kind of reverse engineering ;) but having this documented somewhere could help.
-
For files residing in /etc, have a look at the Debian Policy Manual:
http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
-
I'm with Pete83 in this one. HOW ON EARTH CAN YOU MAKE SAMBA SHARES AVAILABLE TO THE INTERNET???? (soz for shouting :P ) That's a BIG BIG no go!!
If you want to make Samba shares (in fact ANY internal service) available from the outside, just implement VPN.
-
External network doesn't mean necessarily the Internet, can be an external LAN or something like that. Because is not a common configuration is on a confkey and not in the web interface.
-
HOW ON EARTH CAN YOU MAKE SAMBA SHARES AVAILABLE TO THE INTERNET?
jsalamero explained it a few postings above.
I'd use sed:
sed 's/smtpd_helo_required = yes/smtpd_helo_required = no/g' -i /etc/postfix/main.cf
Thank you. I will try this