Restricting Samba access on SuSE 10.1 to one IP

When you allow Samba access to your SuSE 10.1 machine by using the YaST firewall setup tool, three changes are made to /etc/sysconfig/SuSEfirewall2:

  1. FW_SERVICES_EXT_TCP="" is changed into FW_SERVICES_EXT_TCP="microsoft-ds netbios-ssn"
  2. FW_SERVICES_EXT_UDP="" is changed into FW_SERVICES_EXT_UDP="netbios-dgm netbios-ns"
  3. FW_ALLOW_FW_BROADCAST_EXT="" is changed into FW_ALLOW_FW_BROADCAST_EXT="netbios-ns netbios-dgm"

The respective portnumbers for the serveices are:

How to enable VPN clients to access LAN computers that are not running VPN software

I installed an OpenVPN service on our server. The default setup worked right out of the box. However, I wanted to use a VPN client to perform offsite backups of the computers in our LAN (using the backuppc software). First I installed OpenVPN clients on all of the LAN computers to be backed up, but OpenVPN on MacOS X seems to be a bit unreliable. Therefore I wanted to setup the VPN server to forward requests to our LAN network. The following changes were necessary: