Am Donnerstag, 18. Oktober 2012 20:50 CEST, Bob Beck b...@obtuse.com schrieb:
Anyways, since in my case, I only need a read-only export, I can also go
with sharing the files via http.
Both networks that are separated with the firewall, have about the same
trust level.
So now someone
On Thu, 18 Oct 2012 19:11:37 +0200
Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
getting NFS through a firewall is not that trivial with mountd binding to a
random port each time it starts.
Hi,
here is how I solved it after my proposal for a fixed-port-option was
rejected:
Hi,
getting NFS through a firewall is not that trivial with mountd binding to a
random port each time it starts.
The patch below allows to specify a port which mountd will use.
The idea and the patch is not from me. 99% is based on an old patch submitted
to tech@ in 2007:
As you note, this has come up before, and the same reasons exist then
as now.
The security model makes no sense: firewall, but allow NFS.
getting NFS through a firewall is not that trivial with mountd binding to a
random port each time it starts.
The patch below allows to specify a port
Am Donnerstag, 18. Oktober 2012 19:17 CEST, Theo de Raadt
dera...@cvs.openbsd.org schrieb:
As you note, this has come up before, and the same reasons exist then
as now.
The security model makes no sense: firewall, but allow NFS.
Yes, its not optimal ;)
Before with my search, I only
Anyways, since in my case, I only need a read-only export, I can also go with
sharing the files via http.
Both networks that are separated with the firewall, have about the same trust
level.
So now someone could argue, why the hell a firewall in there at all, but
that's a different topic
On Thu, Oct 18, 2012, at 12:17 PM, Theo de Raadt wrote:
As you note, this has come up before, and the same reasons exist then
as now.
The security model makes no sense: firewall, but allow NFS.
It may make no sense to you, but that doesn't mean it makes no sense to
everyone, especially those
On Thu, Oct 18, 2012, at 12:17 PM, Theo de Raadt wrote:
As you note, this has come up before, and the same reasons exist then
as now.
The security model makes no sense: firewall, but allow NFS.
It may make no sense to you, but that doesn't mean it makes no sense to
everyone,