Hi all,
we are exporting a root filesystem to several clients. Since the clients are
allowed to write to the filesystem, we have a bad feeling about security
(though we have a firewall).
To slightly increase security we would like to allow only clients with
special MAC addresses to mount this fs.
So I'd like to know if there is already support for this.
Thanks in advance,
Bernd
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Hello Alexander,
thanks for your information. This is helping me very much.
Bernd
> > Hi all,
> >
> > we are exporting a root filesystem to several clients. Since the clients
> > are allowed to write to the filesystem, we have a bad feeling about
> > security (though we have a firewall).
> >
> > To slightly increase security we would like to allow only clients with
> > special MAC addresses to mount this fs.
> > So I'd like to know if there is already support for this.
>
> i dont know, if therfor is support from nfs directly.
> but i think, there is a arp filter module in upcominf 2.4.19
> linux-kernel.
>
> in combination with this i think it must be
> possible to realize a nfs export to spezial mac adresses.
>
> i dont tried it, because kernel is not stable yet, but ir will be in
> near future.
>
>
> mfg ag
>
> > Thanks in advance,
> >
> > Bernd
> >
> >
> >
> > _______________________________________________
> > NFS maillist - [email protected]
> > https://lists.sourceforge.net/lists/listinfo/nfs
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Hello Alexander,
thanks for your information. This is helping me very much.
Bernd
> > Hi all,
> >
> > we are exporting a root filesystem to several clients. Since the clients
> > are allowed to write to the filesystem, we have a bad feeling about
> > security (though we have a firewall).
> >
> > To slightly increase security we would like to allow only clients with
> > special MAC addresses to mount this fs.
> > So I'd like to know if there is already support for this.
>
> i dont know, if therfor is support from nfs directly.
> but i think, there is a arp filter module in upcominf 2.4.19
> linux-kernel.
>
> in combination with this i think it must be
> possible to realize a nfs export to spezial mac adresses.
>
> i dont tried it, because kernel is not stable yet, but ir will be in
> near future.
>
>
> mfg ag
>
> > Thanks in advance,
> >
> > Bernd
> >
> >
> >
> > _______________________________________________
> > NFS maillist - [email protected]
> > https://lists.sourceforge.net/lists/listinfo/nfs
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Bernd Schubert schrieb:
> > To slightly increase security we would like to allow only clients with
> > special MAC addresses to mount this fs.
> > So I'd like to know if there is already support for this.
>
> i dont know, if therfor is support from nfs directly.
> but i think, there is a arp filter module in upcominf 2.4.19
> linux-kernel.
>
> in combination with this i think it must be
> possible to realize a nfs export to spezial mac adresses.
>
> i dont tried it, because kernel is not stable yet, but ir will be in
> near future.
'iptables', the current filter system on Linux, has the ability to match
by MAC source adresse - this should
also work on kernels below 2.4.19 !
Ciao
Markus
--
----------------------------------------------
Senior Executive - Systemadministration
Direct Phone: + 49 / 234 9787-57
Direct Fax: +49 / 234 9787-77
ZN Vision Technologies AG
Universitaetsstrasse 160
44801 Bochum
Germany
http://www.zn-ag.com
----------------------------------------------
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs