Date:      Fri, 11 Oct 2002 13:09:42 -0700
From:      Mark <mw@lanfear.com>
To:        questions@freebsd.org
Subject:   NFS rules for ipfw
Message-ID:  <20021011200948.7904C43E88@mx1.FreeBSD.org>



Hello!

I've got a little server here that is acting as a nat/router and firewall to 
connect our home to the internet.

I would, in addition, like to run NFS on this machine so that computers on 
the internal network can share disks from it.  (Yes, I realize this is 
sub-optimal and an NFS server should theoretically be a separate machine, but 
there are cost and space issues here ...)

The problem is, I have a "simple" firewall up and running on this machine 
that prevents the internal machines from connecting to the server via NFS. 
(I've already verified changing the firewall to "open" allows NFS client 
access).

My question is:  Is there a set of rules I can add to the server to allow NFS 
clients from the LOCAL network only, but still prevent NFS requests from the 
outside net?

I've tried things like:

       ${fwcmd} add pass udp from ${inet}:${imask} to ${iip} 2049
       ${fwcmd} add pass tcp from ${inet}:${imask} to ${iip} 2049

and similar rules for port 369 (RPC2) and 111 (Sun RPC), but without any luck 
-- client machines always give RPC Timed Out messages on mounts or any other 
request.

Any suggestions?

Thanks,
Mark.
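
Added example, not part of the original message: RPC services such as mountd listen on whatever port they registered with the portmapper, so the ports NFS clients use can be read from `rpcinfo -p` on the server. This sketch turns that output into rules of the same form as the ones quoted above; the sample output and the function name nfs_rules are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive internal-only ipfw pass rules for the NFS-related
# RPC services from `rpcinfo -p` output.

# Constructed sample of `rpcinfo -p` output (port numbers are made up).
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100005    1   udp   1023  mountd
    100005    3   udp   1023  mountd
    100005    1   tcp   1023  mountd
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100024    1   udp   1011  status
    100021    1   udp   1008  nlockmgr'

# nfs_rules: read `rpcinfo -p` text on stdin and print one rc.firewall-style
# rule per unique proto/port pair registered by an NFS-related service.
# The printed ${fwcmd}, ${inet}, ${imask} and ${iip} are left as literal
# text so the lines can be used where those variables are already set.
nfs_rules() {
    awk '
        # The header line is skipped because its port column is not numeric.
        $5 ~ /^(portmapper|rpcbind|mountd|nfs|status|nlockmgr)$/ &&
        ($3 == "tcp" || $3 == "udp") && $4 ~ /^[0-9]+$/ {
            key = $3 " " $4
            if (!(key in seen)) {          # one rule per proto/port
                seen[key] = 1
                printf "${fwcmd} add pass %s from ${inet}:${imask} to ${iip} %s\n", $3, $4
            }
        }'
}

# On a live server: rpcinfo -p | nfs_rules
printf '%s\n' "$SAMPLE_RPCINFO" | nfs_rules
```

ipfw acts on the first rule that matches, so generated lines only take effect if they come before any rule that denies the same traffic. Ports that a service picked dynamically can change when the daemon restarts, so the list has to be regenerated after that.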

