Next Previous Contents

3. Access

3.1 Public Access

If this parameter is On for a service, then no password is required to connect to the service. Privileges will be those of the guest account.

Default: Off

3.2 Writeable

If this parameter is Off, then users of a service may not create or modify files in the service's directory.

Default: Off

3.3 Allow hosts

This parameter is a comma-delimited set of hosts which are permitted to access a service.

If specified in the [global] section then it will apply to all services, regardless of whether the individual service has a different setting.

You can specify the hosts by name or IP number. For example, you could restrict access to only the hosts on a Class C subnet with something like "allow hosts = 150.203.5.". The full syntax of the list is described in the man page hosts_access(5).

You can also specify hosts by network/netmask pairs and by netgroup names if your system supports netgroups. The EXCEPT keyword can also be used to limit a wildcard list. The following examples may provide some help:

Example 1

allow all IPs in 150.203.*.* except one

Allow Hosts: 150.203. EXCEPT

Example 2

allow hosts that match the given network/netmask

Allow Hosts:

Example 3

allow a couple of hosts

Allow Hosts: lapland, arvidsjaur

Example 4

allow only hosts in netgroup "foonet" or localhost, but deny access from one particular host

Allow Hosts: @foonet, localhost

Note that access still requires suitable user-level passwords.

See testparm(1) for a way of testing your host access to see if it does what you expect.

Default: None (i.e., all hosts permitted access)

Example: 150.203.5.

3.4 Deny hosts

The opposite of Allow Hosts - hosts listed here are not permitted access to services unless the specific services have their own lists to override this one. Where the lists conflict, the Allow osts list takes precedence.

Default: None (i.e., no hosts specifically excluded)

Example: 150.203.4.

Next Previous Contents