Find the answer to your Linux question:
Results 1 to 5 of 5
HELP ME !!! I have a network of XP & Linux machines. From my Linux machines I do not want to access any networked pc - be it LINUX or ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    dew
    dew is offline
    Just Joined!
    Join Date
    May 2005
    Posts
    5

    Restrict Linux users from accessing the networked machines


    HELP ME !!!

    I have a network of XP & Linux machines. From my Linux machines I do not want to access any networked pc - be it LINUX or windows.
    I have removed samba configuration tool but still it when I click on network servers- it shows me the names of all the windows pc.
    Please tell me how to restrict users of LINUX to access other machines in network

    HELP !!!! Its urgent.

  2. #2
    Just Joined!
    Join Date
    May 2005
    Posts
    21
    It shows the names, but can you actually access them? I have my linux computer networked with a Win XP machine, and when i saw my windows machine in the list, I thought it might be accessable, but when I tried to go in there, access was denied....just a thought.

  3. #3
    Linux Guru sarumont's Avatar
    Join Date
    Apr 2003
    Location
    /dev/urandom
    Posts
    3,682
    You can either take samba support out of your kernel (if it's just samba shares you want), or you can block access on an IP basis. You could also block just the ports, too (samba, nfs, etc.)...this would probably be easier to do than blocking each IP.

    Code:
    /sbin/iptables -A OUTPUT -d <IP> -j DROP
    *or*

    Code:
    /sbin/iptables -A OUTPUT --dport <portnum> -j DROP
    "Time is an illusion. Lunchtime, doubly so."
    ~Douglas Adams, The Hitchhiker's Guide to the Galaxy

  4. #4
    dew
    dew is offline
    Just Joined!
    Join Date
    May 2005
    Posts
    5

    Restrict Linux users from accessing NETWORK pcs

    dear sarumont

    As you have told
    Code:
    /sbin/iptables -A OUTPUT -d <IP> -j DROP


    *or*

    Code:
    /sbin/iptables -A OUTPUT --dport <portnum> -j DROP



    If I do so , can my LINUX machines still be able to browse internet ? Because I want them to browse internet. How do I get the port number ?

    Another thing is required - I want that from the LINUX machines they should not be able to access the local intranet address ie 192.168.0.100 . How can I do so ?

    Please get back.
    URGENT !!!
    THNAKS ....

  5. #5
    Just Joined!
    Join Date
    May 2005
    Posts
    21
    I do believe you can just type the following and it will block access to your LAN:

    iptables -A OUTPUT -d 192.168.0.0/255.255.255.0 -j DROP

    Should block anything going out from your computer to that subnet

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •