diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-09-24 03:34:55 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:59:07 -0500 |
commit | fe45888e228d1452b8301b3b074794bd443a7fa5 (patch) | |
tree | c59bffe228cff9b125810effdc88383689236202 /source4/smbd | |
parent | 5d4fc1284ea662029f509a88ca49a2a5812f78f1 (diff) | |
download | samba-fe45888e228d1452b8301b3b074794bd443a7fa5.tar.gz samba-fe45888e228d1452b8301b3b074794bd443a7fa5.tar.bz2 samba-fe45888e228d1452b8301b3b074794bd443a7fa5.zip |
r2581: added "hosts allow" and "hosts deny" checking in smbd. I needed this
as my box keeps getting hit by viruses spreading on my companies
internal network, which screws up my debug log badly (sigh).
metze, I'm not sure if you think access.c should go in the socket
library or not. It is closely tied to the socket functions, but you
may prefer it separate.
The access.c code is a port from Samba3, but with some cleanups to
make it (slighly) less ugly.
(This used to be commit 058b2fd99e3957d7d2a9544fd27071f1122eab68)
Diffstat (limited to 'source4/smbd')
-rw-r--r-- | source4/smbd/service.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/source4/smbd/service.c b/source4/smbd/service.c index 323bc62a85..278a763657 100644 --- a/source4/smbd/service.c +++ b/source4/smbd/service.c @@ -226,6 +226,11 @@ struct server_connection *server_setup_connection(struct event_context *ev, stru srv_conn->event.fde = event_add_fd(ev,&fde); srv_conn->event.idle = event_add_timed(ev,&idle); + if (!socket_check_access(sock, "smbd", lp_hostsallow(-1), lp_hostsdeny(-1))) { + server_terminate_connection(srv_conn, "denied by access rules"); + return NULL; + } + return srv_conn; } |