[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

NFS and denying access to subnets



OK I've been trying for ages now but I just can't seem to get this into my head.

I have 8 subnets on my network 10.1.1.0 mask is 255.255.255.224 or /27, I would like all but one of these subnets to be able to mount from my NFS server. So I thought I'd add the relevant lines into /etc/hosts.allow and /etc/hosts.deny;

It's long, so I've shortened it.
/etc/host.allow
portmap:10.1.1.0/255.255.255.224
lockd:10.1.1.0/255.255.255.224
mountd:10.1.1.0/255.255.255.224
rquoted:10.1.1.0/255.255.255.224
statd:10.1.1.0/255.255.255.224
portmap:10.1.1.32/255.255.255.224
lockd:10.1.1.32/255.255.255.224
mountd:10.1.1.32/255.255.255.224
rquoted:10.1.1.32/255.255.255.224
statd:10.1.1.32/255.255.255.224

And all the other 5 networks.

And in the /etc/hosts.deny

portmap:10.1.1.160/255.255.255.224
lockd:10.1.1.160/255.255.255.224
mountd:10.1.1.160/255.255.255.224
rquoted:10.1.1.160/255.255.255.224
statd:10.1.1.160/255.255.255.224

I have restarted NFS and Portmap, but alas those systems on the 160 network can still mount and see nfs mounts.

Am I barking up the wrong tree and is there an easier way to accomplish this ?

Many thanks

Neil.

--
Neil Marjoram
Systems Manager
Adastral Park Campus
University College London
Ross Building
Adastral Park
Martlesham Heath
Ipswich - Suffolk
IP5 3RE

Reclaim Your Inbox!
http://www.mozilla.org/products/thunderbird


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]