Chuck Swiger wrote:
Mark Frasa wrote:

I am currently running 1 HTTP server on FreeBSD 6.0

Of course, like anyone that likes security, I am running IPFW and set
the kernel to block by default.

Behind that HTTP server I am running 2 Linux boxes.

The problem is that when I enable the firewall and open up ports from
rpcinfo -p:

[ ... ]

I opened up all these ports but I can't do an ls or write to NFS or
whatever.


You should not be running portmap and NFS on a firewall machine.  You should not
attempt to pass NFS or other filesharing through a firewall, except perhaps by
using VPN tunneling.

If this existing machine needs to do NFS to your other Linux boxes, it should be
placed behind a properly hardened firewall which perhaps uses NAT to forward
HTTP connections inside to it.


Let me explain in more detail:

I have:

INTERNET

FIREWALL/NFSD/HTTPD Machine

LINUXBOX    LINUXBOX

The boxes are on a /24 network and the firewall has 2 IPs, 1 for local and 1 for outside connections, but both in the same subnet.

I want to use a $secure ip for nfsd and ssh connections, while using @arcas as an IP for port 80 connections.

What I don't get is that when I open up the $secureip for the /24 network, I still get timeouts when writing to nfsd.

Mark.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions