Re: bind mountd to a specified port

2012-10-19 Thread Christopher Zimmermann
On Thu, 18 Oct 2012 19:11:37 +0200 "Sebastian Reitenbach" wrote: > getting NFS through a firewall is not that trivial with mountd binding to a > random port each time it starts. Hi, here is how I solved it after my proposal for a fixed-port-option was rejected: /etc/rc.local: [...] # regist

Re: bind mountd to a specified port

2012-10-18 Thread Sebastian Reitenbach
On Thursday, 18 October 2012 20:50 CEST, Bob Beck wrote: > > Anyways, since in my case, I only need a read-only export, I can also go > > with sharing the files via http. > > Both networks that are separated with the firewall, have about the same > > trust level. > > So now someone could

Re: bind mountd to a specified port

2012-10-18 Thread Theo de Raadt
> On Thu, Oct 18, 2012, at 12:17 PM, Theo de Raadt wrote: > > As you note, this has come up before, and the same reasons exist then > > as now. > > > > The security model makes no sense: firewall, but allow NFS. > > It may make no sense to you, but that doesn't mean it makes no sense to > everyon

Re: bind mountd to a specified port

2012-10-18 Thread Shawn K. Quinn
On Thu, Oct 18, 2012, at 12:17 PM, Theo de Raadt wrote: > As you note, this has come up before, and the same reasons exist then > as now. > > The security model makes no sense: firewall, but allow NFS. It may make no sense to you, but that doesn't mean it makes no sense to everyone, especially th

Re: bind mountd to a specified port

2012-10-18 Thread Bob Beck
> Anyways, since in my case, I only need a read-only export, I can also go with > sharing the files via http. > Both networks that are separated with the firewall, have about the same trust > level. > So now someone could argue, why the hell a firewall in there at all, but > that's a different t

Re: bind mountd to a specified port

2012-10-18 Thread Sebastian Reitenbach
On Thursday, 18 October 2012 19:17 CEST, Theo de Raadt wrote: > As you note, this has come up before, and the same reasons exist then > as now. > > The security model makes no sense: firewall, but allow NFS. Yes, it's not optimal ;) Before with my search, I only found the one I pointed

Re: bind mountd to a specified port

2012-10-18 Thread Theo de Raadt
As you note, this has come up before, and the same reasons exist then as now. The security model makes no sense: firewall, but allow NFS. > getting NFS through a firewall is not that trivial with mountd binding to a > random port each time it starts. > The patch below allows specifying a port wh

bind mountd to a specified port

2012-10-18 Thread Sebastian Reitenbach
Hi, getting NFS through a firewall is not that trivial with mountd binding to a random port each time it starts. The patch below allows specifying a port which mountd will use. The idea and the patch are not from me. 99% is based on an old patch submitted to tech@ in 2007: http://old.nabble.com/