Disable Netbios für Internet IP

I’ve been trying for some time, without success, to block the Netbios ports to the Internet, as this is a security risk. Towards the Intranet (Internal Subnets) the ports should of course remain open. How can I configure this?


first, you should NOT expose UCS directly to the Internet. If you need services (which?) use a VPN instead!

However, you can limit Samba4 to use specified network adapters with the command ucr. These are the related variables which will control the behaviour of Samba4:

interfaces/primary: ens192
samba/interfaces/bindonly: yes
samba/interfaces: lo <interfaces/primary>
samba/register/exclude/interfaces: docker0

But there will be much more ports open by default which you do not want to expose to the Internet. Again, use VPN and/or DMZ.


I have used UCS to host my Kopano server. I just needed a quick replacement for the old Exchange Server :slight_smile:

If I can’t use it in the DMZ the UCS server is useless for me. In that case I will set up a suse system for it.

In any case thanks for the fast help.