Date: Wed, 02 Jul 2014 20:03:43 -0400 From: Bob Healey <healer@rpi.edu> To: rmacklem@uoguelph.ca, freebsd-stable@freebsd.org Subject: Re: Interactions with mxge, pf, nfsd, and the kernel Message-ID: <53B49DDF.6000607@rpi.edu> In-Reply-To: <20140702235052.GA3334@anubis.morrow.me.uk> References: <53B43D90.6000700@rpi.edu> <20140702235052.GA3334@anubis.morrow.me.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
What I want to do, and is not valid, is zfs set sharenfs="maproot=root,network 128.113.185.0/24, network 128.113.186.0/24,network 10.0.0.0/8" tank/home To get the desired functionality, i have to do zfs set sharenfs="maproot=root,network 0.0.0.0/0" and then set a host level firewall. Bob Healey Systems Administrator Biocomputation and Bioinformatics Constellation and Molecularium healer@rpi.edu (518) 276-4407 On 7/2/2014 7:50 PM, Ben Morrow wrote: > Quoth Rick Macklem <rmacklem@uoguelph.ca>: >> Bob Healey wrote: >>>>> 10/8. If there is a way in zfs's sharenfs property to make that >>>>> restriction, I'd be happy to change, but I really don't like >>>>> leaving nfs >>>>> open to the university's quartet of /16's, so PF it is. >> You can specify pretty well any subnet for lines in /etc/exports. >> You can export the file systems via /etc/exports. (I'm not a zfs >> guy, but my understanding is that zfs sharenfs just generates lines >> for the exports file.) > You can specify any exports(5) options in the sharenfs property. See > Example 16 in zfs(8). > > Ben > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53B49DDF.6000607>