[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
howtos:network_services:home_nfs_howto [2018/02/23 13:01 (UTC)] – Additional information for 14.2-current and minor layout updates allend | howtos:network_services:home_nfs_howto [2018/12/22 20:04 (UTC)] – [Home NFS Setup HOWTO] Using proper CIDR notation ellendhel | ||
---|---|---|---|
Line 60: | Line 60: | ||
mountd: 10.1.1.2 | mountd: 10.1.1.2 | ||
statd: 10.1.1.2</ | statd: 10.1.1.2</ | ||
- | The syntax in the above examples can be altered, e.g. 10.1.1. could be used to allow access from any machine on the 10.1.1.1/255 network | + | The syntax in the above examples can be altered, e.g. 10.1.1. could be used to allow access from any machine on the 10.1.1.0/24 network |
**/ | **/ | ||
Line 76: | Line 76: | ||
* The no_root_squash option is very permissive. The root_squash option is much more secure. | * The no_root_squash option is very permissive. The root_squash option is much more secure. | ||
- | * Allowing access to the entire root file system is very permissive. Restriction to a subdirectory | + | * Allowing access to the entire root file system is very permissive. Restriction to a sub-directory |
* The nohide option is required to show the contents of other mounted partitions. | * The nohide option is required to show the contents of other mounted partitions. | ||
Line 238: | Line 238: | ||
To use NFS through the firewall is now easier, as options for NFS can be set in / | To use NFS through the firewall is now easier, as options for NFS can be set in / | ||
- | **/ | + | **/ |
< | < | ||
Line 291: | Line 291: | ||
$IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32766 -j ACCEPT | $IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32766 -j ACCEPT | ||
# Accept TCP and UDP on port 32767 from local LAN for mountd | # Accept TCP and UDP on port 32767 from local LAN for mountd | ||
- | # (set in / | + | # (set in / |
$IPTABLES -A INPUT -i $EXTIF -p tcp -s $LOCAL_LAN --dport 32767 -j ACCEPT | $IPTABLES -A INPUT -i $EXTIF -p tcp -s $LOCAL_LAN --dport 32767 -j ACCEPT | ||
$IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32767 -j ACCEPT | $IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32767 -j ACCEPT | ||
# Accept TCP and UDP on port 32768 from local LAN for lockd | # Accept TCP and UDP on port 32768 from local LAN for lockd | ||
- | # (set in / | + | # (set in / |
$IPTABLES -A INPUT -i $EXTIF -p tcp -s $LOCAL_LAN --dport 32768 -j ACCEPT | $IPTABLES -A INPUT -i $EXTIF -p tcp -s $LOCAL_LAN --dport 32768 -j ACCEPT | ||
$IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32768 -j ACCEPT | $IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32768 -j ACCEPT | ||
# Accept TCP and UDP on port 32769 from local LAN for rquotad | # Accept TCP and UDP on port 32769 from local LAN for rquotad | ||
- | # (set in / | + | # (set in / |
$IPTABLES -A INPUT -i $EXTIF -p tcp -s $LOCAL_LAN --dport 32769 -j ACCEPT | $IPTABLES -A INPUT -i $EXTIF -p tcp -s $LOCAL_LAN --dport 32769 -j ACCEPT | ||
$IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32769 -j ACCEPT | $IPTABLES -A INPUT -i $EXTIF -p udp -s $LOCAL_LAN --dport 32769 -j ACCEPT |