SAMBA(cifs) ip filter

Status
Not open for further replies.
muzhik

muzhik

Dabbler
Joined
Jan 24, 2016
Messages
19
Hey!

I have few shared folders which access restrict by ip, without auth.

But today every folders which have ip settings tell to users that have to insert login\password.
I did not change owner for folders or someting else

How to fix?
 
D

dlavigne

Guest
Build version of FreeNAS (from System -> Information)? Client versions?
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
muzhik said:
Hey!

I have few shared folders which access restrict by ip, without auth.

But today every folders which have ip settings tell to users that have to insert login\password.
I did not change owner for folders or someting else

How to fix?
Click to expand...
Post contents of /usr/local/etc/smb4.conf
Post output of "getfacl /mnt/path/to/share"

Proper authentication is a much better solution than IP filtering.
 
muzhik

muzhik

Dabbler
Joined
Jan 24, 2016
Messages
19
anodos said:
Post contents of /usr/local/etc/smb4.conf
Post output of "getfacl /mnt/path/to/share"

Proper authentication is a much better solution than IP filtering.
Click to expand...
Yes, it works fine. i woudlike restrict by ip for /24 networks, it's not good making a lot of login-pass
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
muzhik said:
Yes, it works fine. i woudlike restrict by ip for /24 networks, it's not good making a lot of login-pass
Click to expand...

[The following assumes that this FreeNAS server is in production in an office / work environment.] If you have lots of users then it's a better idea to implement a directory server (or just take the time to set up the users). It's trivially easy to bypass "hosts allow" on a typical LAN. It just gives an illusion of security.
 
muzhik

muzhik

Dabbler
Joined
Jan 24, 2016
Messages
19
anodos said:
[The following assumes that this FreeNAS server is in production in an office / work environment.] If you have lots of users then it's a better idea to implement a directory server (or just take the time to set up the users). It's trivially easy to bypass "hosts allow" on a typical LAN. It just gives an illusion of security.
Click to expand...
I have two /24 subnets, it's easy and comfortable devide subnets, and allow only 1 subnet, i dont want make for all users in subnet. it not demand for purpose\work
 
Status
Not open for further replies.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "SAMBA(cifs) ip filter"

Similar threads

S
  • Locked
CIFS share - access is denied when accessing via hostname
Replies
1
Views
2K
Ishayahu
Ishayahu
J
  • Locked
One Volume, Multiple Folders, CIFS username/passwords for each share. That's all I want. How?
Replies
10
Views
6K
anodos
anodos
V
  • Locked
protect sharring problems
Replies
0
Views
1K
vitorhugo60
V
P
  • Locked
Set SMB permissions recursively not working
Replies
2
Views
2K
papaja
P
M
  • Locked
Samba shares suddenly stopped
Replies
0
Views
1K
MrKravin
M
Top