On Tue, May 16, 2006 at 03:29:25PM +0200, Niki Kovacs enlightened us:
Selon Charles Lacroix clacroix@cegep-ste-foy.qc.ca:
You will also need to add something like this
iptables -I INPUT -i eth0 -j ACCEPT
which will allow anything to connect to the server from inside ( if eth0 is your internal network card )
put this just before your iptables -A INPUT -P DROP
Thanks very much! That worked!
I'm one step further, in front of the next problem. On the server side, my /etc/exports looks like this:
--8<--------- /vrac 192.168.1.5(rw)
For the moment, I don't bother about security, I just set up a no-frills configuration and try to fine-tune and secure it later. So no hosts.allow or hosts.deny. Of course, the /vrac directory exists, and there's some stuff in it.
I start the server.
On the client (192.168.1.5) side, I have a /localvrac directory. Now I do this:
# mount 192.168.1.1:/vrac /localvrac
I cd into localvrac (as root), and I can see the contents of the remote directory. So far so good. Put as soon as I try to either open one of the text files or do a 'touch something.txt', I get a Permission denied error.
What did I do wrong?
You didn't read the exports(5) man page, especially the section on User ID Mapping.
Matt