Lew Wolfgang wrote:
On 5/1/23 08:37, Per Jessen wrote:
Using NFS across a firewall is not typically done. Clients and servers are all expected to be on a trusted network. It is possible NFSv4 has made changes in this respect, I haven't looked.
We use NFS with the host-based firewalls running, both SuSEfirewall2 and firewalld.
Like I have suggested before, you and Carlos are kindred spirits :-)
I disagree. If the network is trusted, what is the point of a firewall?
It's good security practice, we've been doing it for decades.
I'm sorry, what is "good security practice"? not trusting your trusted network?
Indeed, that we could do that was once justification to not use Windows! It protects well-behaved Linux boxes from those rude and insecure Windows cesspools on the same subnet.
In other words, you don't have a trusted network, hence the need for firewalls. Makes perfect sense. -- Per Jessen, Zürich (11.8°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes