Firewalls and RPC (was "Re: Improvement to IPFilter / nfsd in
youshi10 at u.washington.edu
Thu Jan 11 22:06:02 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Chuck Swiger wrote:
> You really don't want to mix machines which are trusted with machines
> which are not trusted on the same subnet. If you can't control which
> client machines get which IPs, you pretty much cannot use firewall rules
> to restrict filesharing only to the legit clients.
> Perhaps you should consider setting up your own private subnet for your
> machines, and having a firewall guarding access to your machines which
> performs static NAT for the set of five IP addresses you've made claim to.
I'm really starting to think that'd be a good idea. Thanks again for the
comments--it really helps.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.1 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the freebsd-questions