From fe45888e228d1452b8301b3b074794bd443a7fa5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 24 Sep 2004 03:34:55 +0000 Subject: r2581: added "hosts allow" and "hosts deny" checking in smbd. I needed this as my box keeps getting hit by viruses spreading on my companies internal network, which screws up my debug log badly (sigh). metze, I'm not sure if you think access.c should go in the socket library or not. It is closely tied to the socket functions, but you may prefer it separate. The access.c code is a port from Samba3, but with some cleanups to make it (slighly) less ugly. (This used to be commit 058b2fd99e3957d7d2a9544fd27071f1122eab68) --- source4/smbd/service.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source4/smbd') diff --git a/source4/smbd/service.c b/source4/smbd/service.c index 323bc62a85..278a763657 100644 --- a/source4/smbd/service.c +++ b/source4/smbd/service.c @@ -226,6 +226,11 @@ struct server_connection *server_setup_connection(struct event_context *ev, stru srv_conn->event.fde = event_add_fd(ev,&fde); srv_conn->event.idle = event_add_timed(ev,&idle); + if (!socket_check_access(sock, "smbd", lp_hostsallow(-1), lp_hostsdeny(-1))) { + server_terminate_connection(srv_conn, "denied by access rules"); + return NULL; + } + return srv_conn; } -- cgit