The Certified Geek

September 24, 2009

Iptables loop script for Samba

Sometimes Linux administrators/owners want to restrict access to the Samba server to specific IP addresses because user authentication is not enabled (for whatever reason). Here is a bash script that uses iptables to restrict access to specific hosts via a loop statement.


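# Define the interface where Samba listens
IF_INT=eth0
# Define the list of hosts allowed to connect to the server, separated by spaces (note the /32 mask: one host per entry)
HOSTS="192.168.1.100/32 192.168.1.200/32 192.168.1.201/32"

# This is the FOR loop: one set of ACCEPT rules per allowed host
# ($HOSTS is left unquoted on purpose so it splits on spaces)
for SOURCE in $HOSTS
do
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p tcp --dport 445 -j ACCEPT   # SMB over TCP
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p tcp --dport 139 -j ACCEPT   # NetBIOS session service
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p udp --dport 137 -j ACCEPT   # NetBIOS name service
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p udp --dport 138 -j ACCEPT   # NetBIOS datagram service
done
# These are ACCEPT rules only: the surrounding iptables script must still
# DROP or REJECT everything else sent to these ports (default policy or explicit rule).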

Add this to your existing iptables script and you're good to go.
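A stand-alone variant of the same loop, as an added example that is not part of the original script: it checks every entry in HOSTS before touching the firewall, collects the allowlist in its own chain and ends that chain with an explicit DROP. The chain name SAMBA_IN, the DRY_RUN switch and the function names are assumptions made for this illustration; it also assumes the surrounding script flushes INPUT first, so reruns do not stack duplicate jump rules.

```sh
#!/bin/sh
# Added example, not the original script. SAMBA_IN, DRY_RUN and the function
# names are assumptions made for this illustration.
IF_INT=eth0
HOSTS="192.168.1.100/32 192.168.1.200/32 192.168.1.201/32"
CHAIN=SAMBA_IN
DRY_RUN=${DRY_RUN:-1}   # 1 = print the commands only, 0 = apply (needs root)

# Print or execute one iptables command, depending on DRY_RUN
ipt() {
    if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix
valid_source() {
    vs_ip=${1%/*} vs_prefix=32
    case $1 in */*) vs_prefix=${1#*/} ;; esac
    case $vs_prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$vs_prefix" -le 32 ] || return 1
    case $vs_ip in *[!0-9.]*|*.) return 1 ;; esac
    IFS=. read -r vs_a vs_b vs_c vs_d vs_extra <<EOF
$vs_ip
EOF
    [ -z "$vs_extra" ] || return 1
    for vs_o in "$vs_a" "$vs_b" "$vs_c" "$vs_d"; do
        case $vs_o in ''|????*) return 1 ;; esac
        [ "$vs_o" -le 255 ] || return 1
    done
}

build_samba_rules() {
    # Check every entry first so a typo never leaves a half-built chain
    for src in $HOSTS; do
        valid_source "$src" || { echo "bad entry: $src" >&2; return 1; }
    done
    ipt -N "$CHAIN" 2>/dev/null || true   # create the chain if it is missing
    ipt -F "$CHAIN"                        # start from an empty chain
    for src in $HOSTS; do
        ipt -A "$CHAIN" -s "$src" -j ACCEPT
    done
    ipt -A "$CHAIN" -j DROP                # every other source is refused
    # Send Samba traffic arriving on the interface through the chain
    ipt -A INPUT -i "$IF_INT" -p tcp -m multiport --dports 139,445 -j "$CHAIN"
    ipt -A INPUT -i "$IF_INT" -p udp -m multiport --dports 137,138 -j "$CHAIN"
}

build_samba_rules
```

Run it as is to review the generated commands, then with DRY_RUN=0 as root to apply them.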

September 14, 2009

Sudo and Environment Variables

I have always been scratching my head whenever I used sudo and the environment variables (env) kept on changing. In my case, I have learned there are two ways to keep/preserve the environment or retain some of them when moving into a privileged account (sudo -s).

First method: run

$ sudo -s -E

where the -E parameter is meant to preserve the environment.

Second method: save all necessary variables in the current user's (not root's) shell profile (for bash, that is ~/.bashrc) as exported environment variables.

$ vi ~/.bashrc
export param1=value1
export param2=value2

That's all there is to it.