Re: OT - NFS through firewalls

To: Christopher Swingley <cswingle@iarc.uaf.edu>
Cc: debian-user@lists.debian.org
Subject: Re: OT - NFS through firewalls
From: David Wright <ichbin@shadlen.org>
Date: Thu, 28 Mar 2002 13:19:08 -0800 (PST)
Message-id: <[🔎] Pine.LNX.4.44.0203281309540.14789-100000@miles.shadlen.org>
In-reply-to: <[🔎] 20020328171255.GA652@iarc.uaf.edu>

With the setup you describe, I don't believe you should even be able to
ping the NFS server from the clients, much less mount a volume. Try it!

The trouble is that there is no way for the NFS server to address a
client; so while a packet might get to from a client, there is no way it
can send a response.

Also, I don't really understand why you want this firewall. Is the NFS box
the only thing on that side? Then why not run iptables directly on the NFS
box? Or are you using the "firewall" just as a NAT, to conserve IP
addresses? In which case why not put the NFS server inside it? NFS is
about the least secure protocol imaginable, so firewalls are usually
configured to prevent NFS flowing across them.


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: OT - NFS through firewalls
  - From: Christopher Swingley <cswingle@iarc.uaf.edu>

References:
- OT - NFS through firewalls
  - From: Christopher Swingley <cswingle@iarc.uaf.edu>

Prev by Date: Re: maintenance mode in woody
Next by Date: midi problem
Previous by thread: OT - NFS through firewalls
Next by thread: Re: OT - NFS through firewalls
Index(es):
- Date
- Thread