pf blocking nfs
Chuck Swiger
cswiger at mac.com
Wed Nov 30 03:12:40 GMT 2005
Aaron P. Martinez wrote:
> I am running FreeBSD 6.0-release and setting up a very basic firewall
> using pf on my workstation. The ruleset is as follows:
>
> block in log all
> pass quick on lo0 all
> #pass in on $ext_if proto tcp from any to $ext_if port 22 keep state
> pass out on fxp0 proto { tcp, udp, icmp } all keep state
Your firewall config is not enough to permit NFS to pass. You might
consider adding a "pass all" rule for machines on the local subnet.
[ Perhaps you should re-evaluate your network so that you do not attempt
to pass NFS through the firewall. If you have to do filesharing between
machines over an untrusted connection, should should consider a VPN or
SSH tunnel approach instead. ]
--
-Chuck
More information about the freebsd-questions
mailing list