Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This document describes different levels of security which can be implemented on the NFS share(s) inside SoftNAS to ensure that only authorized resources can access the NFS share(s).

1. HOST LEVEL SECURITY

The This level specifies the hosts that will have access to the exported directory.

Six ways of specifying which hosts are allowed to mount the directory are available:

a. Everyone : - Any host capable of contacting your system is allowed access. This option should be used with care, especially if your the system is connected to the Internet.

b. Host(s):-   This can either be a single IP address, a single hostname, or a regular expression like *.foo.com. In the last case, any host whose reverse DNS lookup by IP address matches the expression will be allowed access.

c. WebNFS clients:-   Allows clients using Sun's WebNFS protocol to access this directory.

d. NIS Netgroup: - Allows all members of the specified NIS netgroup to access this export.

e. IPv4 Network and Netmask: - Any host in the specified subnet is allowed access. For example, if the network was 10.1.2.0 and the netmask 255.255.255.0, all hosts with IP addresses from 10.1.2.0 to 10.1.2.255 would be allowed.

f. IPv6 Address and Prefix: - Any host in the specified subnet is allowed access.

Example of my /etc/exports file for your the reference. I used option Option (e) was used to lock down my the share to only 2 specific IP CIDR ranges on my the network. So all the systems within that CIDR range will be able to mount and access the NFS share and no one else.

...