[Shorewall-newbies] Make "no-response"

Oivind.Hundal at kj.uib.no Oivind.Hundal at kj.uib.no
Sat Dec 6 00:27:32 PST 2003


Thanx for answering me

I have activated shorewall. And then NFS is not functioning on my internal 
network. I want to have that possibility that my "firewall box" (192.168.0.1 on 
my internal network) also can have /home/directories which the other boxes in my 
network can access. All the Linux boxes in the network have their specific home 
directories, and also the WinMe box. I also want to have a directory which all 
machines can access.

Now when i try to mount 192.168.0.1 from 192.168.0.2, the latter can not find 
the former. The NFS export on .1 does seem to function, but .2 can not find .1

I found here that specific ports would have to be opened in order to have NFS 
(on my internal network) fuinction properly. But then I do not want the ports to 
be opened to the internet.

?????????

Oivind H





Sitat Troy Arnold <troy at troyandtina.com>:

> Francesca makes a good point..  
> 
> Also I don't quite understand where you are trying to access the NFS Share
> from?  In the short answer, you can't make a rule in SW that's says allow
> access to x port but don't allow anyone to probe it.  If a port is open it's
> open.  Now the only thing you can do is make a rule as to what SERVICE can
> access the open port.  Example, just because port 22 is open does not mean
> the service SSH is going to use it.  Just remember in this case port 22 is
> the standard port for SSH but really anything can use it, just like SSH can
> use almost any port it wants.
> 
> -----Original Message-----
> From: Oivind.Hundal at kj.uib.no [mailto:Oivind.Hundal at kj.uib.no] 
> Sent: Friday, December 05, 2003 4:29 AM
> To: shorewall-newbies at lists.shorewall.net
> Subject: [Shorewall-newbies] Make "no-response" 
> 
> Hello
> 
> I have to open specific ports in order to get NFS working. Can I then make a
> 
> shorewall rule so that probing these ports from the internet, results in no 
> response (i.e. to the internet, they do not seem to be open)?
> 
> Newbie Oivind Hundal
> 
> _______________________________________________
> Shorewall-newbies mailing list
> Post: Shorewall-newbies at lists.shorewall.net
> Subscribe/Unsubscribe:
> https://lists.shorewall.net/mailman/listinfo/shorewall-newbies
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
> 
> 
> 




More information about the Shorewall-newbies mailing list