Debian Lenny + ISPConfig3 + Samba

Discussion in 'Installation/Configuration' started by Wizard of Wiring, Oct 6, 2010.

  1. Wizard of Wiring

    Wizard of Wiring New Member

    /etc/network/interfaces
    Code:
    auto eth0
    iface eth0 inet static
            address 192.168.1.50
            netmask 255.255.255.0
            network 192.168.1.0
            broadcast 192.168.1.255
            gateway 192.168.1.10
    
    auto eth0:0
    iface eth0:0 inet static
            address 192.168.1.55
            netmask 255.255.255.0
    
    /etc/hosts
    Code:
    192.168.1.50    server.mydomain.com       server
    192.168.1.55    samba.mydomain.com       samba
    
    /etc/hostname
    Code:
    server.mydomain.com
    
    /etc/Bastille/bastille-firewall.cfg
    Code:
    TRUSTED_IFACES="lo"                               # MINIMAL/SAFEST
    PUBLIC_IFACES="eth+ ppp+ slip+ venet+"     # SAFEST
    INTERNAL_IFACES=""                                # SAFEST
    
    /etc/init.d/bastille-firewall restart
    complains about special characters and virtual hosts if I do:
    Code:
    INTERNAL_IFACES="eth0:0"
    In the ISPConfig Control Panel I can add another IP address to the server but if I add an IP address I get:
    server.mydomain.com 192.168.1.50
    server.mydomain.com 192.168.1.55

    If I could make:
    server.mydomain.com 192.168.1.55
    be:
    samba.mydomain.com 192.168.1.55
    I could just open up the ports 137-139,445 using ISPConfig firewall on .55

    Doing a lot of digging around the forum I came across this thread:
    http://www.howtoforge.com/forums/showthread.php?t=6209

    I am not familiar enough with IP Tables yet to carve out my own solution using that thread.

    Basically the end goal is for a router to forward to .50 and .55 be used locally.
     
    Last edited: Oct 6, 2010
  2. till

    till Super Moderator

    If your server is behind a router, then you do not need a firewall as the ispconfig server runs only services that had to be accessible. Better switch off the bastille firewall and use the firewall of your router instead. Then just forward the ports for services that you want to reach from the internet from your router to your server.
     

Share This Page