Chris Hall wrote:
> Help !  I am failing to set up a secure NFS server.  (Generally thought
> to be impossible by most sources !)
> 
> I am running a fully up to date Fedora 7.
> 
>   kernel-2.6.22.9-91.fc7
>   nfs-utils-lib-1.0.8-10.fc7
>   nfs-utils-1.1.0-3.fc7
>   libtirpc-0.1.7-9.fc7
>   rpcbind-0.1.4-6.fc7
> 
> I have been trying to get NFSv4 working between a client on the inside
> of my firewall and a server on the outside (DMZ).
> 
>  a. I thought NFSv4 would be better because it apparently only requires
>     the one TCP port, which is easier to manage.  This turns out not to
>     be entirely the case -- umount appears to still want to talk to port
>     111 to find mountd.

This is a known bug in nfs-utils-1.1.0, and was addressed in 
nfs-utils-1.1.1, just released last week.  NFSv4 certainly doesn't need 
to talk to mountd.  The umount.nfs[4] command was changed to skip the 
mountd step when unmounting "nfs4" file systems.