Christian Joensson
2004-Nov-09 11:47 UTC
Setting up a two-interface shorewalled system supporting local NIS/YP and NFS
Hello all. You might understand by now that I''m experimenting with shorewall on my FC3 (kinda) system. It''s a two interfaced system, with the internet on eth0, net, and the local network on eth1, loc. the machine fw runs shorewall 2.0.10 right now. The thing is that I want to try to use NIS/YP on the local machines and have fw run the ypserv. Furthermore, I''d like to have NFS working such that exported file systems from fw are mountable on the local machines, also under autofs. well, the rest I guess, are standard, like smtp, http, ftp, etc. Cheers, /ChJ
Tom Eastep
2004-Nov-09 14:47 UTC
Re: Setting up a two-interface shorewalled system supporting local NIS/YP and NFS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Christian Joensson wrote: | Hello all. | | You might understand by now that I''m experimenting with shorewall on my | FC3 (kinda) system. It''s a two interfaced system, with the internet on | eth0, net, and the local network on eth1, loc. the machine fw runs | shorewall 2.0.10 right now. | | The thing is that I want to try to use NIS/YP on the local machines and | have fw run the ypserv. Furthermore, I''d like to have NFS working such | that exported file systems from fw are mountable on the local machines, | also under autofs. | | well, the rest I guess, are standard, like smtp, http, ftp, etc. | If you are going to use your firewall as a server, then you may as well just add these two policies: fw loc ACCEPT loc fw ACCEPT and do away with all fw<->loc rules. Especially if you are going to be using apps that use portmapping (which it appears that you are). - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFBkNiWO/MAbZfjDLIRAkRVAJ0aPangfaKGqx2Ng6k8APBZGRz/3QCeMKm5 s8Y45bV48WuO00b5KgCCTyY=+qJa -----END PGP SIGNATURE-----
Possibly Parallel Threads
- Shorewall on FC3?
- How do I control shorewall when src and dst ports are different? [Or, sunrpc problems]
- Samba 3.0.0 beta2 Aurora SPARC Linux rpm binary
- Help with making samba-3.0.0 PDC and adding a XP/Pro client (and domain user accounts)
- Samba read and write exporting a vfat partition from linux/intel