[vpn] Re: vpn nfs (fwd)

AlanCB rage at dial.eunet.ch
Sat Oct 20 05:42:26 EDT 2001



-- 
GnuPG (PGP 5.x compatible) public key at http://www.math.ethz.ch/~rage


---------- Forwarded message ----------
Date: Fri, 19 Oct 2001 18:50:07 -0500 (CDT)
From: Tina Bird <tbird at precision-guesswork.com>
To: AlanCB <rage at dial.eunet.ch>
Subject: Re: vpn nfs

pls forward to vpn at securityfocus.com

On Fri, 19 Oct 2001, AlanCB wrote:

> Date: Fri, 19 Oct 2001 22:11:03 +0200 (CEST)
> From: AlanCB <rage at dial.eunet.ch>
> To: tbird at precision-guesswork.com
> Subject: vpn nfs
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hallo Tina
>
> Thanks for your great site on vpn's. I took a good look through it,
> however I didnt find the information I need. Perhaps you could show give
> me some tips where to look, or maybe even assist me in this matter. I've
> been a sysadmin at the ETH (Swiss Federal Institute of Technology) for
> several months now and I'm extremely interested in introducing a vpn into
> our department.
> I'm using the tool gShield which can be found at:
> http://muse.linuxmafia.org/gshield.html
> It utilizes iptables on the linux box I'm running. Within our subnet we
> use an NFS server which not only contains our user's homes, but
> also all our software. Behind our firewall/gateway we have a private range
> class C subnet, which contains users who amongst other things use the NFS
> server.
> My problem:
> The users should have r+w perms on their own directories only, and r only
> on the software dir. Instead of setting multiple permissions on the NFS
> server, which is basically impossible, I need a way of setting permissions
> on my vpn gateway. With your experience, is there a tool or method you
> know of which enables this ? A blunt question, I know, however I'd much
> appreciate your help.
>
> Whatever help you can offer is much appreciated.
>
> greetings
> AlanCB
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE70Ijbt/sRD4MkngARAlGFAKCUH+44iwU8V/A3D9X+3L7u1+Cr4ACeOsV8
> kVyQSXFGS9Um9I+UZzJMx9U=
> =BwQ0
> -----END PGP SIGNATURE-----
>

"I was being patient, but it took too long." -
                                Anya, "Buffy the Vampire Slayer"

LogAnalysis: http://kubarb.phsx.ukans.edu/~tbird/log-analysis.html
VPN:  http://kubarb.phsx.ukans.edu/~tbird/vpn.html




VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list