Re: What linux lacks most - a decent remote fs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Chris G wrote:

On Wed, Mar 26, 2008 at 11:44:58PM +0900, John Summerfield wrote:

Tim wrote:

On Wed, 2008-03-26 at 09:53 -0400, Tom Horsley wrote:

can't believe how widely used NFS is, because it is the source of
endless problems for me. I've never seen it work with any kind of
reliability at all. One thing I'll say for samba is that the data
actually seems to show up correctly on the other side :-). 
I've had the opposite.  Samba stalling and transferring at a rate slower
than I can retype a file.  Samba never managing to connect to the other
side.  The hassles of manually setting up each user.  The hassles of
file permissions and ownership getting screwed up in transit.  Compared
to NFS working without pain.

Though, I have to say that my painless NFS server is on a FC4 machine,
and that works fine.  I've found I've had to manually mess with
firewalling to get it to work through anything higher than FC4.


I'm surprised you don't need to with FC4. It's actually fairly simple.
[root@xxxxxxxxxxxxx sysconfig]# cat nfs
LOCKD_TCPPORT=32768
LOCKD_UDPPORT=32788
RQUOTAD_PORT=621
MOUNTD_PORT=640


Surely a far easier approach to the firewall issues is to remove the
firewall completely to the interface between your LAN and the outside
world.  I just turn the firewall off on all the systems on my LAN and
the router firewall is set up to give me the security I want.  It
simplifies maintenance too because there is only one firewall to set
up and systems behind the firewall can be as lax as they like and be
re-installed frequently without problems.
I have several subnets at school (students, staff) and at home (different physical locations). Traffic between subnets is filtered.
My firewalls filter traffic both ways. Should you actually manage to install malware inside my LAN, it might be able to do spam _if_ it can contact an IRC bot, but it probably can't do that, and certainly portscanning the world will be difficult.
If you run a web server or a whois server on a non-standard port, the odds are good I won't visit your server. 









--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxx
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux