On 2023-05-02 08:44, Per Jessen wrote:
Carlos E. R. wrote:
On 2023-05-01 17:55, Dave Howorth wrote:
On Mon, 01 May 2023 17:37:25 +0200
I run both nfs server and clients in all my computers in my LAN, and I do want to keep all my machines with an active firewall. This is pretty normal.
I disagree. If the network is trusted, what is the point of a firewall?
I don't see the point in not using it.
It might be easier if you simply listed the reasons for using a firewall on a trusted network. I find the idea intriguing.
I find the idea of not running it intriguing and naive.
I have been using NFS for decades across a firewall on each computer, no issues. Works fine with SuSEfirewall2.
Does in no way imply it was the right thing to do. My late mum smoked a couple of packets of cigarettes every day for decades, no issues.
Oh, yes, it is the right thing to do. Your example is against the law.
The problem is that it doesn't know about the dynamic ports it opens. The hack is to make the server use a small range of ports and independently open them.
Oh, you have a problem and you need a hack .... yeah, like I said, don't expect everything to work when you are not adhering to the commonly accepted conditions.
What commonly accepted conditions?
Anyway, enough of that - when we can't agree on what a trusted network is, I think it's best to stop.
Ok. -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)