From owner-freebsd-questions@FreeBSD.ORG Wed Jul 14 16:08:26 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E187316A4CE for ; Wed, 14 Jul 2004 16:08:26 +0000 (GMT) Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7C5B043D2F for ; Wed, 14 Jul 2004 16:08:21 +0000 (GMT) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.12.10/8.12.10) id i6EG8Krk045578; Wed, 14 Jul 2004 11:08:20 -0500 (CDT) (envelope-from dan) Date: Wed, 14 Jul 2004 11:08:20 -0500 From: Dan Nelson To: Artem Koutchine Message-ID: <20040714160820.GA16366@dan.emsphone.com> References: <004001c469b1$a74dacf0$0c00a8c0@artem> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <004001c469b1$a74dacf0$0c00a8c0@artem> X-OS: FreeBSD 5.2-CURRENT X-message-flag: Outlook Error User-Agent: Mutt/1.5.6i cc: freebsd-questions@freebsd.org Subject: Re: Need a network file system with Windows client and freeBSD server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 16:08:27 -0000 In the last episode (Jul 14), Artem Koutchine said: > I need sime kind of network file system which has a FreeBSD server > and Windows clients (particulary Windows XP) and that FreeBSD file > share must be mounted on Windows XP under a drive letter. Windows > client is FAR FAR away and is behind nat. Traffic costs a lot, so > that file system must not waste it for nothing. Of course, security > is very important and security based on IP address is impossible, > because client is behind nat. For any of the solutions you describe, you will definitely want to set up a VPN between the client and server, and if possible have it compress the data. Never allow raw filesystem access to the entire Internet :) > 1) Samba3 > > I think i could use it with user security (not share or maybe mixed) > but i am not sure about making it open to internet and also i think > it wastes bandwidth. Am i wrong? It should be no more inefficient than any of the others, really. Theres a different amount of overhead for each protocol, but they're all small compared to the actual data sent when doing a file copy, for example. > 4) NFS > > Well, i like it very much because we use for freebsd file shareing > since year 2000. Hoever, i could not find free NFS client for Windows > (but, hell, i'll buy it) but what's worse i get figure out how to > make authorizartion based on user/password and not on /etc/exports. I > need something more secure. Also, am not sure about bandwidth usage. Microsoft has a nice NFS client/server implementation in its free Services for Unix product. http://www.microsoft.com/windows/sfu/ . If you use VPNs, you should be able to control the local IP number that gets assigned to each VPN user, so you could use that to filter access in /etc/exports (and use the -mapall flag to force specific userids for each incoming IP). -- Dan Nelson dnelson@allantgroup.com