The Certified Geek

September 24, 2009

Iptables loop script for Samba

Sometimes Linux administrators or owners want to restrict access to a Samba server to specific IP addresses because user authentication is not enabled (for some reason). Here is a bash script that uses iptables in a for loop to allow only specific hosts.


# Define the interface where Samba listens
IF_INT=eth0
# Space-separated list of hosts allowed to connect to the server (note the /32 mask on each)
HOSTS="192.168.1.100/32 192.168.1.200/32 192.168.1.201/32"


# This is the FOR loop: accept the Samba ports from each allowed host.
# Other hosts are blocked only if the INPUT policy is DROP or a later rule drops these ports.
for SOURCE in $HOSTS
do
    # 445/tcp: SMB, 139/tcp: NetBIOS session service
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p tcp --dport 445 -j ACCEPT
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p tcp --dport 139 -j ACCEPT
    # 137/udp: NetBIOS name service, 138/udp: NetBIOS datagram service
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p udp --dport 137 -j ACCEPT
    iptables -A INPUT -i "$IF_INT" -s "$SOURCE" -p udp --dport 138 -j ACCEPT
done

Add this to your existing iptables script and you're good to go.
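An added example, not part of the original post: the same allow-list emitted as an iptables-restore fragment, with every entry validated and an explicit final DROP instead of relying on the INPUT policy. The chain name SAMBA_IN and the function names valid_source and samba_ruleset are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the original post's script. SAMBA_IN is an assumed chain name.
IF_INT=eth0
HOSTS="192.168.1.100/32 192.168.1.200/32 192.168.1.201/32"
CHAIN=SAMBA_IN

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_source() (
    addr=${1%/*}; prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    case $prefix in ''|???*|*[!0-9]*) exit 1 ;; esac
    [ "$prefix" -le 32 ] || exit 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $addr
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Print an iptables-restore fragment: listed hosts are accepted, everyone else is dropped.
samba_ruleset() (
    # Validate every entry first so a bad one produces no output at all.
    for src in $HOSTS; do
        valid_source "$src" || { echo "bad host entry: $src" >&2; exit 1; }
    done
    echo "*filter"
    echo ":$CHAIN - [0:0]"
    # Send Samba traffic arriving on the interface to the dedicated chain.
    for spec in "tcp --dport 445" "tcp --dport 139" "udp --dport 137" "udp --dport 138"; do
        echo "-A INPUT -i $IF_INT -p $spec -j $CHAIN"
    done
    for src in $HOSTS; do
        echo "-A $CHAIN -s $src -j ACCEPT"
    done
    # Anything that reached the chain without matching an allowed host is dropped.
    echo "-A $CHAIN -j DROP"
    echo "COMMIT"
)

# Dry run: print the generated fragment for review.
samba_ruleset
```

Piped to iptables-restore --noflush as root, the fragment is loaded without flushing the rules already in place. The jumps are appended to the end of INPUT, so any broader ACCEPT rule earlier in that chain still matches first.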
