Link to home
Start Free TrialLog in
Avatar of Mark
Mark

asked on

is there a way to 'hosts allow' depending on which mountpoint?

I have a mountpoint I would like to be accessible from the local LAN without a password, but also be accessible from outside the LAN with a password. 'hosts allow' seems to restrict ALL IPs. Is there a way to NOT permit a particular mountpoint if the host IP is outside the LAN?

Here's what I've got (with no 'hosts allow' configured):

[webcontent]
comment = Mountpoint for intra-LAN
writable = yes
path = /this/path
public = yes
guest ok = yes
guest only = yes
guest account = smith
browsable = yes

[website]
comment = Mountpoint for extra-LAN
valid users = smith
path = /this/path
public = yes
writeable = yes
browseable= yes
printable = no

Open in new window


This specifies a mountpoint to the same path for the same user (smith), but mounting 'website' will require a password and mounting 'webcontent' will not.

The problem here is that someone outside the office LAN can still mount the w/o PW mount point. That's what I want to prevent.
ASKER CERTIFIED SOLUTION
Avatar of AggieTex
AggieTex
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Mark
Mark

ASKER

Thanks! I didn't realize I could use the hosts allow inside a mountpoint definition. Do I need the hosts deny? I've never used that with a hosts allow before ... seems like it would undo the allow.
Yes, you need to include the hosts deny = all.  It will basically deny everyone except for the addresses you include in hosts allow.  Without it, people outside would still be able to access the share since there is no rule to actually deny them access.
Avatar of Mark

ASKER

OK, thank!