Re: OT - NFS through firewalls

With the setup you describe, I don't believe you should even be able to
ping the NFS server from the clients, much less mount a volume. Try it!

The trouble is that there is no way for the NFS server to address a
client; so while a packet might get to it from a client, there is no way it
can send a response.

Also, I don't really understand why you want this firewall. Is the NFS box
the only thing on that side? Then why not run iptables directly on the NFS
box? Or are you using the "firewall" just as a NAT, to conserve IP
addresses? In which case why not put the NFS server inside it? NFS is
about the least secure protocol imaginable, so firewalls are usually
configured to prevent NFS flowing across them.

