On Fri, Jan 20, 2006 at 08:24:03PM +0100, Christian Perrier wrote: > Let's start to go through Anand's suggestions:
> --- /usr/share/samba/smb.conf 2004-07-22 22:28:55.000000000 +1000 > +++ /tmp/smb.conf 2004-08-24 01:49:11.000000000 +1000 > @@ -44,6 +44,14 @@ > # to IP addresses > ; name resolve order = lmhosts host wins bcast > +# Only bind to the named interfaces and/or networks. It is recommended that > +# you enable this feature if your Samba machine is not protected by a > +# firewall or is a firewall itself > +; bind interfaces only = true > + > +# The specific set of interfaces / networks to bind to > +# This can be either the interface name or an IP address/netmask > +; interfaces = 127.0.0.0/8 eth0 > These ones seem to be good examples to me. Putting them in the default > smb.conf, commented, is a good way to suggest users they should look > at them and use them if needed. > This of course can be said of many options, so it may be good to have > comments from others. I have mixed feelings about putting these as examples, because there are so many ways to get this wrong... c.f. the just opened bug #348766. :) If this is added, please list 'interfaces' *first* before 'bind interfaces only', and make sure the comment on 'bind interfaces only' says that 'interfaces' must also be set. The comment on interfaces should also probably mention the "dynamic interfaces" caveat from the manpage. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
