Date: Thu, 10 May 2001 20:06:36 +0100 From: Mark Drayton <mark.drayton@4thwave.co.uk> To: freebsd-stable@FreeBSD.ORG Subject: Re: nfs and ipfw Message-ID: <20010510200636.B31701@tethys.valhalla.net> In-Reply-To: <Pine.SOL.4.30.0105100922130.22139-100000@argus.EECS.Berkeley.EDU>; from mandric@EECS.Berkeley.EDU on Thu, May 10, 2001 at 09:37:22AM -0700 References: <200105101616.f4AGG2u97467@pau-amma.whistle.com> <Pine.SOL.4.30.0105100922130.22139-100000@argus.EECS.Berkeley.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
Milan Andric (mandric@EECS.Berkeley.EDU) wrote: > > On Thu, 10 May 2001, David Wolfskill wrote: > > > Actually, if you want all UDP to flow unhindered, why bother with a > > "firewall"??!? > <newbie> to limit it by ip, and wouldn't a reverse lookup keep people > from spoofing? </newbie> > > vpn is not currently an option here, so how else does one deal with > nfs? Isn't it the most common way to share in unix environments? So > it's probably a common problem. How do we deal with it sanely? If > the answer is "don't use it." i'll accept that.. but it's not very > helpful to those that are hooked. NFS is a useful way of sharing files between machines, but these machines are usually on the same network which is all behind one firewall. It's not normailly used to share data between sites over the internet. Depending what you want to do, rsync is a good way of replicating data between machines. It'll run over ssh for encryption and it would be easy to open a single port on your firewall to allow it. rsync is in the ports. Cheers, -- Mark Drayton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010510200636.B31701>