firewalling scripts
Neil Joseph Schelly
neil at jenandneil.com
Tue Feb 1 18:39:00 EST 2005
On Tuesday 01 February 2005 05:49 pm, Ken D'Ambrosio wrote:
> Neil Joseph Schelly wrote:
> >Firestarter is my favorite Debian one... Great GUI interface for
> > configuring it, pretty good flexibility for both simple firewalls and NAT
> > router setups. And it comes with both the GUI and the init.d scripts to
> > start up on system start.
>
> I really liked firestarter, too... EXCEPT that I was utterly unable to
> get it to allow NFS. So, whamo -- every so often, it'd start up, and no
> more homedir for me. Anyone have an idea about how to get around that?
>
> Thanks...
>
> -Ken
NFS is always a little tough on firewalls, but you have to make sure that the
RPC services are available through the firewall too. And since some of their
ports are only available by querying portmapper usually as they are randomly
assigned at startup (usually). It's been awhile since I set this up, but I
believe I was able to hardcode some ports in for these things in their
startup scripts under init.d. Then you can allow those ports through the
firewall (along with portmapper of course).
Good luck,
-N
More information about the gnhlug-discuss
mailing list