If you’re running Samba on a multihomed system (on multiple subnets), you will need to configure Samba to use all the network interfaces. Another use for the options presented in this section is to implement better security by allowing or disallowing connections on the specified interfaces.

Let’s assume that our Samba server can access both the subnets 192.168.220.* and 134.213.233.*. Here are our additions to the configuration file to add the networking configuration options:

[global]
    #  Networking configuration options
    hosts allow = 192.168.220. 134.213.233.
    hosts deny = 192.168.220.102
    interfaces = 192.168.220.100/255.255.255.0 \
                    134.213.233.110/255.255.255.0
    bind interfaces only = yes

Take a look at the hosts allow and hosts deny options. If these options sound familiar, you’re probably thinking of the hosts.allow and hosts.deny files that are found in the /etc directories of many Unix systems. The purpose of these options is identical to those files; they provide a means of security by allowing or denying the connections of other hosts based on their IP addresses. We could use the hosts.allow and hosts.deny files, but we are using this method instead because there might be services on the server that we want others to access without also giving them access to Samba’s disk or printer shares.

With the hosts allow option, we’ve specified a 192.168.220 IP address, which is equivalent to saying: “All hosts on the 192.168.220 subnet.” However, we’ve ...