On Thu, 2004-08-12 at 09:32, Jacob (=Jouk) Jansen wrote: > Hi all, > > Today I tried to enable the NFS-server on one of our FC2 machines. Up to now > I only succeeded when I switched off the firewall on the machine. > > I normally use the "systemsettings --> Security level" menu from the desktop. > The resulting "Security level configuration" window only allows a few > "trusted services" (NFS not amogst them), "trusted devices" and "other ports". > Probably the best way is to insert some port-numbers. But which ones should > I allow? It is just a "standard" NFS configuration, with "standard" ports. > I use a script from http://muse.linuxmafia.org. It's called gShield and it's a really nice package. The .conf files are well commented and it supports NFS directly in the gshield.conf file. You can add in a whole boatload of your own stuff, but I haven't touched on that much. I've been mucking around with bittorrent a bit, but I don't have it running 100%. This script saves me learning everything there is to know about iptables, yet keeps the machine relatively secure.
