* export only to special mac addresses
@ 2002-03-21 18:07 Bernd Schubert
[not found] ` <20020323161512.GA10804@obelix.home.gunix.de>
0 siblings, 1 reply; 4+ messages in thread
From: Bernd Schubert @ 2002-03-21 18:07 UTC (permalink / raw)
To: nfs
Hi all,
we are exporting a root filesystem to several clients. Since the clients are
allowed to write to the filesystem, we have a bad feeling about security
(though we have a firewall).
To slightly increase security we would like to allow only clients with
special MAC addresses to mount this fs.
So I'd like to know if there is already support for this.
Thanks in advance,
Bernd
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: export only to special mac addresses
[not found] ` <20020323161512.GA10804@obelix.home.gunix.de>
@ 2002-03-23 16:28 ` Bernd Schubert
2002-03-24 0:25 ` Bernd Schubert
1 sibling, 0 replies; 4+ messages in thread
From: Bernd Schubert @ 2002-03-23 16:28 UTC (permalink / raw)
To: Alexander Gun; +Cc: nfs, joergb
Hello Alexander,
thanks for your information. This is helping me very much.
Bernd
> > Hi all,
> >
> > we are exporting a root filesystem to several clients. Since the clients
> > are allowed to write to the filesystem, we have a bad feeling about
> > security (though we have a firewall).
> >
> > To slightly increase security we would like to allow only clients with
> > special MAC addresses to mount this fs.
> > So I'd like to know if there is already support for this.
>
> i dont know, if therfor is support from nfs directly.
> but i think, there is a arp filter module in upcominf 2.4.19
> linux-kernel.
>
> in combination with this i think it must be
> possible to realize a nfs export to spezial mac adresses.
>
> i dont tried it, because kernel is not stable yet, but ir will be in
> near future.
>
>
> mfg ag
>
> > Thanks in advance,
> >
> > Bernd
> >
> >
> >
> > _______________________________________________
> > NFS maillist - NFS@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nfs
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: export only to special mac addresses
[not found] ` <20020323161512.GA10804@obelix.home.gunix.de>
2002-03-23 16:28 ` Bernd Schubert
@ 2002-03-24 0:25 ` Bernd Schubert
2002-03-25 8:37 ` Markus Korth
1 sibling, 1 reply; 4+ messages in thread
From: Bernd Schubert @ 2002-03-24 0:25 UTC (permalink / raw)
To: nfs
Hello Alexander,
thanks for your information. This is helping me very much.
Bernd
> > Hi all,
> >
> > we are exporting a root filesystem to several clients. Since the clients
> > are allowed to write to the filesystem, we have a bad feeling about
> > security (though we have a firewall).
> >
> > To slightly increase security we would like to allow only clients with
> > special MAC addresses to mount this fs.
> > So I'd like to know if there is already support for this.
>
> i dont know, if therfor is support from nfs directly.
> but i think, there is a arp filter module in upcominf 2.4.19
> linux-kernel.
>
> in combination with this i think it must be
> possible to realize a nfs export to spezial mac adresses.
>
> i dont tried it, because kernel is not stable yet, but ir will be in
> near future.
>
>
> mfg ag
>
> > Thanks in advance,
> >
> > Bernd
> >
> >
> >
> > _______________________________________________
> > NFS maillist - NFS@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nfs
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: export only to special mac addresses
2002-03-24 0:25 ` Bernd Schubert
@ 2002-03-25 8:37 ` Markus Korth
0 siblings, 0 replies; 4+ messages in thread
From: Markus Korth @ 2002-03-25 8:37 UTC (permalink / raw)
To: nfs
Bernd Schubert schrieb:
> > To slightly increase security we would like to allow only clients with
> > special MAC addresses to mount this fs.
> > So I'd like to know if there is already support for this.
>
> i dont know, if therfor is support from nfs directly.
> but i think, there is a arp filter module in upcominf 2.4.19
> linux-kernel.
>
> in combination with this i think it must be
> possible to realize a nfs export to spezial mac adresses.
>
> i dont tried it, because kernel is not stable yet, but ir will be in
> near future.
'iptables', the current filter system on Linux, has the ability to match
by MAC source adresse - this should
also work on kernels below 2.4.19 !
Ciao
Markus
--
----------------------------------------------
Senior Executive - Systemadministration
Direct Phone: + 49 / 234 9787-57
Direct Fax: +49 / 234 9787-77
ZN Vision Technologies AG
Universitaetsstrasse 160
44801 Bochum
Germany
http://www.zn-ag.com
----------------------------------------------
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-03-25 8:33 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-03-21 18:07 export only to special mac addresses Bernd Schubert
[not found] ` <20020323161512.GA10804@obelix.home.gunix.de>
2002-03-23 16:28 ` Bernd Schubert
2002-03-24 0:25 ` Bernd Schubert
2002-03-25 8:37 ` Markus Korth
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.