access control for Linux Samba servers based on the physical hardware network address (MAC-address) of the client

smbaccess is used to restrict access to a Samba server from clients with certain hardware network addresses. However, this mechanism only works if the client and the server are operating in the same subnet with a direct network interconnection or in a switched network environment since the hardware network address is determined from the IP-number using the arp-cache visible in /proc/net/arp under Linux.

To use smbaccess in conjunction with a Samba server the following lines have to be added to smb.conf in the section of the share to which the account restrictions should apply:

preexec = smbaccess -U %U -I %I 
preexec close = Yes

smbaccess is invoked during the login process. If access according to the access rule is not granted a non-zero errorlevel is returned as error code and the login process is stopped due to the preexec close directive.

Man page: smbaccess(8)

Download: smbaccess-0.1.tar.gz

This software is still beta!

Zur Leitseite
Stefan Langenberg
Last modified: Sun Apr 27 11:23:57 2003