Hello,
The following patches fix the '-p port' command line
argument to rpc.nfsd as well as adds following
flags that control the NFS versions and transports that
rpc.nfsd will use.
-N or --no-nfs-version vers
This option can be used to request that rpc.nfsd does not offer
certain versions of NFS. The current version of rpc.nfsd can
support both NFS version 2,3 and the newer version 4.
-T or --no-tcp
Disable rpc.nfsd from accepting TCP connections from clients.
-U or --no-udp
Disable rpc.nfsd from accepting UDP connections from clients.
The first patch is for nfs-utils and the second one is for the
kernel. Although I'm posting these patch together, they are
not dependent on each other. Meaning, a patched kernel
will work with an unpatched nfs-utils and visa-versa..
Is this something the upstream kernels would be interested in?
steved.
Neil Brown wrote:
> I'm happy to consider changes in syntax, but I really don't like
> merging these very different concepts in the one file.
My initial thought is this adds much more complexity that
really needed... All that's needed is to set the port, version
and protocol. As soon as you added in address and address types,
it adds a hole new level complexity that may not be needed,
to solve this particular problem.
but let me take a closer took to see how much is truly need to
create a couple more proc files and well as the parsing
routines to handle theses type of syntaxes....
steved.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Steve Dickson wrote:
> The following patches fix the '-p port' command line
> argument to rpc.nfsd as well as adds following
> flags that control the NFS versions and transports that
> rpc.nfsd will use.
Just for the sake of completion on this proposal, I've updated
the patches to introduce the -V flag and changed the name of the file
rpc.nfsd uses from threads, to config (i.e. /proc/fs/nfsd/config),
which does more accurately describes what is happening....
steved.
Neil Brown wrote:
>
> "ports".... should we allow different protocols to use different
> ports? 2049 for tcp, but use 5123 for udp ???
I would not think so... How often has something like this
been needed in the past?
>
> Maybe a better interface is to open and bind a socket in userspace,
> and pass it down to the kernel. Maybe not..
True.... ;-)
>
> How about the "ports" file contains lines:
> family:proto:address:port
> e.g.
> ipv4:udp:*:2049
Maybe a better name for the file should be 'address'?
since thats what we are defining....
>
> A port could be disabled with
> echo "-ipv4:udp:*:2049" > /proc/fs/nfsd/ports
> maybe.
hmm... I think I would rather just restart the server
verses disable something.... I just doesn't sound good ;-)
steved.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Steve Dickson wrote:
> The following patches fix the '-p port' command line
> argument to rpc.nfsd as well as adds following
> flags that control the NFS versions and transports that
> rpc.nfsd will use.
Just for the sake of completion on this proposal, I've updated
the patches to introduce the -V flag and changed the name of the file
rpc.nfsd uses from threads, to config (i.e. /proc/fs/nfsd/config),
which does more accurately describes what is happening....
steved.
Neil Brown wrote:
>
> I would rather (I think) have two new files
> /proc/fs/nfsd/version
> and
> /proc/fs/nfsd/ports
Hmm... I think there is a timing issue here.
These have to be set before threads since
write_threads() does the nfsd_svc(), true?
How about changing the name of the file rpc.nfsd
writes to? To something like /proc/fs/nfsd/config?
rpc.nfsd could write to nfsd/config which then could
cause the version, ports and threads files to have
the correct information....
steved.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
On Mon, Mar 21, 2005 at 09:42:11AM -0500, Steve Dickson wrote:
> -N or --no-nfs-version vers
> This option can be used to request that rpc.nfsd does not offer
> certain versions of NFS. The current version of rpc.nfsd can
> support both NFS version 2,3 and the newer version 4.
We definitely need something like this, thanks! Though I would have
thought something like "--min-version" and "--max-version" would be more
natural. (What do other OS's do?)
--b.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
m=E5 den 21.03.2005 Klokka 09:56 (-0500) skreiv J. Bruce Fields:
> On Mon, Mar 21, 2005 at 09:42:11AM -0500, Steve Dickson wrote:
> > -N or --no-nfs-version vers
> > This option can be used to request that rpc.nfsd does not offe=
r
> > certain versions of NFS. The current version of rpc.nfsd can
> > support both NFS version 2,3 and the newer version 4.
>=20
> We definitely need something like this, thanks! Though I would have
> thought something like "--min-version" and "--max-version" would be more
> natural. (What do other OS's do?)
--min-version and --max-version are indeed more in line with the RPC
model: the PROG_MISMATCH error offers a single range of supported
versions, and was never designed to say that you are offering NFSv2 and
v4, but not NFSv3.
That said, we have already added the -N option to rpc.mountd, so if we
fix rpc.nfsd, then we should also fix rpc.mountd.
Cheers,
Trond
--=20
Trond Myklebust <[email protected]>
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
According to Steve Dickson:
> -N or --no-nfs-version vers
> This option can be used to request that rpc.nfsd does not offer
> certain versions of NFS. The current version of rpc.nfsd can
> support both NFS version 2,3 and the newer version 4.
Thanks very much for the patches, but would you please add on support
for the '-V' flag specifying the versions that should be allowed?
> -T or --no-tcp
> Disable rpc.nfsd from accepting TCP connections from clients.
>
> -U or --no-udp
> Disable rpc.nfsd from accepting UDP connections from clients.
And could you please document when (if ever) these options would be
useful to an end user?
adTHANKSvance
--
Chip Salzenberg - a.k.a. - <[email protected]>
Open Source is not an excuse to write fun code
then leave the actual work to others.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
J. Bruce Fields wrote:
> On Mon, Mar 21, 2005 at 09:42:11AM -0500, Steve Dickson wrote:
>
>> -N or --no-nfs-version vers
>> This option can be used to request that rpc.nfsd does not offer
>> certain versions of NFS. The current version of rpc.nfsd can
>> support both NFS version 2,3 and the newer version 4.
>
>
> We definitely need something like this, thanks! Though I would have
> thought something like "--min-version" and "--max-version" would be more
> natural. (What do other OS's do?)
I was trying to keep the syntax similar to
what rpc.mountd uses. I figured it would be
easier to turn things on and off from a init
script point of view....
But if it makes more sense to do a min/max
type of thing, that could work too...
steved.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Chip Salzenberg wrote:
> According to Steve Dickson:
>
>> -N or --no-nfs-version vers
>> This option can be used to request that rpc.nfsd does not offer
>> certain versions of NFS. The current version of rpc.nfsd can
>> support both NFS version 2,3 and the newer version 4.
>
>
> Thanks very much for the patches, but would you please add on support
> for the '-V' flag specifying the versions that should be allowed?
Well since everything is on by default, I figured all that
was needed was a way to turn things off, but it would
be a non-issue to add.
>
>
>> -T or --no-tcp
>> Disable rpc.nfsd from accepting TCP connections from clients.
>>
>> -U or --no-udp
>> Disable rpc.nfsd from accepting UDP connections from clients.
>
>
> And could you please document when (if ever) these options would be
> useful to an end user?
I was thinking servers behind firewalls might want to
explicitly define one protocol or the other, just
to keep things simple and I know other servers have
these options.
steved.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
According to Steve Dickson:
> Chip Salzenberg wrote:
> >Thanks very much for the patches, but would you please add on support
> >for the '-V' flag specifying the versions that should be allowed?
> Well since everything is on by default, I figured all that
> was needed was a way to turn things off, but it would
> be a non-issue to add.
It's for future-proofing. Suppose you only wanted to export NFSv3,
that's all. You could say "-N 2" and that would be fine ... until
NFSv4 was invented, when you'd need "-N 2,4". Spelling it as "-V 3"
is more stable for the long term.
> I was thinking servers behind firewalls might want to explicitly
> define one protocol or the other, just to keep things simple [...]
OK thanks. A little doc patch might be helpful, if only along the
lines of "if you're not setting up firewall rules, these options
probably won't matter to you".
--
Chip Salzenberg - a.k.a. - <[email protected]>
Open Source is not an excuse to write fun code
then leave the actual work to others.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
On Monday March 21, [email protected] wrote:
> Hello,
>
> The following patches fix the '-p port' command line
> argument to rpc.nfsd as well as adds following
> flags that control the NFS versions and transports that
> rpc.nfsd will use.
While this is all very good in principle, there are some details I'm
not comfortable with....
In particular, the kernel interface.
You have changed
/proc/fs/nfsd/threads
to contain not just threads information, but also port, protocol and
version information.
This is not good.
I would rather (I think) have two new files
/proc/fs/nfsd/version
and
/proc/fs/nfsd/ports
"version" should give a list of available versions, and which are
enabled, on read, and should enable or disable version on write.
e.g.
# cat version
-2 +3 -4
This means that versions 2, 3, and 4 are available. Only 3 is enabled.
# echo +4 > version
This enables version 4 (if it is available).
"ports".... should we allow different protocols to use different
ports? 2049 for tcp, but use 5123 for udp ???
I think we should probably allow for distinguishing between ipv4
and ipv6.
And would we also want to allow binding to particular IP addresses
???? or multiple ports???
Maybe a better interface is to open and bind a socket in userspace,
and pass it down to the kernel. Maybe not..
How about the "ports" file contains lines:
family:proto:address:port
e.g.
ipv4:udp:*:2049
Where new entries can added one line at a time:
echo "ipv4:tcp:*:5123" > /proc/fs/nfsd/ports
and are all read at once.
# cat /proc/fs/nfsd/ports
ipv4:udp:*:2049
ipv4:tcp:*:2049
#
Initially, the only recognised address would be "*", and multiple
ports of the same protocol would not be permitted (i.e. write(2)
returns and error).
A port could be disabled with
echo "-ipv4:udp:*:2049" > /proc/fs/nfsd/ports
maybe.
When the first thread is started, if no ports are open, the default
ports (2049 for ipv4:udp and ipv4:tcp) are openned, otherwise the
current ports are used.
I'm happy to consider changes in syntax, but I really don't like
merging these very different concepts in the one file.
NeilBrown
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs