[Mageia-sysadm] Installing firewall

Michael Scherer misc at zarb.org
Mon Nov 15 19:35:13 CET 2010


Le vendredi 12 novembre 2010 à 18:30 +0100, nicolas vigier a écrit :
> Hello,
> 
> The Mageia packages repository will be stored on valstar. As the
> repository will be needed on build nodes, it will have to be either
> mirrored or mounted via nfs (readonly). If we use nfs, I think we should
> first setup a firewall before installing the nfs server. 

While I agree with the firewall part, NFS and portmap are not really
very firewall friendly, as there is ( or used to be ) by default dynamic
ports involved. We can fix them of course but this has to be taken in
account. 

So wouldn't it be easier to use a simple http source ?
This would also open less ports on the firewall, les thing to check and
supervise, and less work on writing puppet manifests.

( and I will not add the fact that I deeply hate nfs for the amount of
work it gave me on the Mandriva cluster )
-- 
Michael Scherer



More information about the Mageia-sysadm mailing list