Connecting with smbclient from a host which was locked out with the "hosts deny" parameter before on a Samba 3.2.0pre2 server the clientaccess works nevertheless. The same configuration with Samba 3.0.28 works well. the serverside (smbtest3): **** smbtest3:~ # testparm /etc/sambatest/smb.conf.hostsdeny Load smb config files from /etc/sambatest/smb.conf.hostsdeny Processing section "[test]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] workgroup = LINUX netbios name = SAMBATEST [test] path = /tmp read only = No hosts deny = 172.16.13.1 **** **** smbtest3:~ # testparm /etc/sambatest/smb.conf.hostsdeny localhost 172.16.13.1 Load smb config files from /etc/sambatest/smb.conf.hostsdeny Processing section "[test]" Loaded services file OK. Server role: ROLE_STANDALONE Deny connection from localhost (172.16.13.1) to test ***** ***** smbtest3:~ # ps auxf | grep smbd root 25777 0.0 0.2 1884 624 pts/0 S+ 14:43 0:00 \_ grep smbd root 25617 0.0 1.2 11776 3228 ? Ss 14:28 0:00 smbd -s /etc/sambatest/smb.conf.hostsdeny root 25618 0.0 0.4 11776 1100 ? S 14:28 0:00 \_ smbd -s /etc/sambatest/smb.conf.hostsdeny smbtest3:~ # ***** clientside (smbtest2): ***** smbtest1:~# ifconfig | grep "inet addr" inet addr:172.16.13.1 Bcast:172.16.13.0 Mask:255.240.0.0 inet addr:127.0.0.1 Mask:255.0.0.0 ***** ***** smbtest1:~# smbclient //172.16.13.3/test -Uroot -c 'dir' Password: Domain=[SAMBATEST] OS=[Unix] Server=[Samba 3.2.0pre2-SerNet-SuSE] . D 0 Thu Mar 6 14:45:01 2008 .. D 0 Mon Jul 23 17:11:46 2007 cif D 0 Mon Sep 25 23:27:32 2006 new D 0 Mon Mar 3 09:51:16 2008 ****** smbtest3 smbstatus at the access time: ***** Samba version 3.2.0pre2-SerNet-SuSE PID Username Group Machine ------------------------------------------------------------------- 25865 root root smbtest1 (::ffff:172.16.13.1) Service pid machine Connected at ------------------------------------------------------- test 25865 smbtest1 Thu Mar 6 14:48:37 2008 No locked files ***********
Reproduced this. It's an IPv6 issue with the incoming address being returned as ::ffff:A.B.C.D and the smb.conf parameter being A.B.C.D. String match is failing. I'll fix this. Jeremy.
Created attachment 3163 [details] Patch This patch fixes the problem for me. I'd appreciate it if you'd try more complex allow/deny settings to make sure I got this right. Thanks, Jeremy.
Hi Jeremy, thanks, your patches fixes the problem for me too. I tried out some different confgurations with hosts deny and allow with success. Magnus
Confirmed fixed by submitter. Thanks, Jeremy.