Restricting access to NFS shares can be done by restricting firewall access (iptables), or by configuring the /etc/exports file. The /etc/exports file can restrict access to a single machine, a wildcard, or an IP network.
It all starts with installing and starting NFS
- yum install nfs-utils rpcbind
- service nfs start
- service rpcbind start
Restricting to a single machine (can be exported to an IP or hostname)
- Edit /etc/exports
- Configure the export command like the following
- /media 192.168.10.10(rw,no_root_squash)
- Restart the service – service nfs restart
Restricting to a wildcard — this allows exporting to a name or IP address with wildcards
- Edit /etc/exports
- Configure the export command like the following
- /media *.example.com(rw,no_root_squash)
- or /media 192.168.*10(rw,no_root_squash)
- Restart the service – service nfs restart
Restricting to an IP network — this allows exporting to an entire subnet, or group of addresses
- Edit /etc/exports
- Configure the export command like the following
- /media 192.168.10.0/24(rw,no_root_squash)
- Restart the service – service nfs restart
Comments
Post a Comment