1

we have a Scanner that can save the scanned documents to an SMB share. So I need to switch on SMB sharing on the Mac - should be no problem.

Issue: The Mac is a MacBook, which will also be used in foreign networks - and obviously we would not want SMB sharing on outside my own network.

So, I am looking for a way to automatically start the SMB service on the MacBook only if it gets connected to a certain netowrk (ideally based on HW adress of our router, or maybe based on the IP adress is gets from the DHCP server as a fallback). The SMB serive should be stopped as soons as the network connection changes.

I am not sure if it is a good idea to fiddle with the system scripts, which might get changed by any next system update - still that might be the only option? Or is there an app that can do that? Does anyone have a better idea?

Skyhawk
  • 14,200
  • 4
  • 53
  • 95
Philippp
  • 141
  • 4
  • 2
    Hmm... I think it's somewhat off-topic here, but it's been answered on SuperUser, and the answer might be useful to some wayward Mac admin in the future. I won't kill it in case someone comes up with something better/not-costly :) – voretaq7 May 21 '12 at 19:09
  • @voretaq7: Agreed :) I already learned something new from this, never heard about this NetworkLocation/Sidekick tool from your answer and it looks useful. – Sven May 21 '12 at 19:18
  • @SvenW All credit goes to alexandru on SuperUser who deserves upvotes on for their answer on the linked question :) – voretaq7 May 21 '12 at 19:27

3 Answers3

5

Liberally stolen from https://superuser.com/questions/187650/enable-file-sharing-only-when-on-home-wi-fi-network-in-mac-os-x :

Even if slightly expensive, you can use NetworkLocation to autodetect your location, and after configuring it for your home network, add Application > Open an Application / Run Script and configure it so that it runs this StartInternetSharing script. Repeat, only this time check the box saying Launch when leaving location and add the StopInternetSharing script instead.

Scripts weren't written by me, but I've updated them and hosted them on my Dropbox because I have a checkbox for Xgrid, and so the original version wasn't working. I've tested them and they both work. Here is the MacRumors post where these scripts were originally posted.

P.S. I don't know if I have Xgrid because of something I installed, or everyone with 10.6 does. Could you read/follow the instructions in either script's headers (open in AppleScript Editor) and let me know if you do? I'd like to update the scripts to have the most-used option as default. Thanks.

Community
  • 1
voretaq7
  • 79,879
  • 17
  • 130
  • 214
  • Thank you very much, that looks perfect - I will go for it! And sorry for being off-topic. For any others interested: The referenced product is now called [Sidekick](http://oomphalot.com/sidekick/). Thank you very much! – Philippp May 22 '12 at 22:05
3

You do not need to enable SMB sharing to use the scanner. The scanner should be configured to save scanned documents to a server on the network in question. You then make an outbound SMB connection to that server in order to retrieve those files. If the privacy of scanned documents is a concern, ensure that each user has a scan folder that is accessible only by the user and by the scanner's service account (which should be named svc_scanner, or whatever follows your company's service naming convention).

If you really want to enable SMB sharing for one authorized device to connect to your Mac, you can use ipfw to ensure that connections are allowed only from that specific device's IP address. If you do not want to configure ipfw manually, WaterRoof is one option for a GUI front-end.

Skyhawk
  • 14,200
  • 4
  • 53
  • 95
  • +1 for not enabling the sharing *on your Mac* -- you should be able to access SMB shares without sharing anything yourself (though you may have to open the firewall up to get it working) – voretaq7 May 21 '12 at 19:11
  • Sorry I fogot to mention that there is no server. Otherwise, that would obviously be the best option. – Philippp May 22 '12 at 21:54
  • I thought about the firewall, but Lion only allows me to select programs and choose to allow or deny incoming traffic - I cannot find any "from" adress option or what I would expect in a firewall... – Philippp May 22 '12 at 21:56
  • @Philippp My mistake: forgot that the firewall settings under System Preferences are now application-only. Revised accordingly. – Skyhawk May 22 '12 at 23:45
1

We just found an even more promising solution:
See http://www.controlplaneapp.com/feature-list/
On gitHub: ControlPlane on GitHub
So its even open source!

Philippp
  • 141
  • 4