NFS — Provide network shares suitable for group collaboration
Restricting access to NFS shares can be done by restricting firewall access (iptables), or by configuring the /etc/exports file. The /etc/exports file can restrict access to a single machine, a wildcard, or an IP network.
It all starts with installing and starting NFS
- yum install nfs-utils rpcbind
- service nfs start
- service rpcbind start
Restricting to a single machine (can be exported to an IP or hostname)
- Edit /etc/exports
- Configure the export command like the following
- /media 192.168.10.10(rw,no_root_squash)
- Restart the service – service nfs restart
Restricting to a wildcard — this allows exporting to a name or IP address with wildcards
- Edit /etc/exports
- Configure the export command like the following
- /media *.example.com(rw,no_root_squash)
- or /media 192.168.*10(rw,no_root_squash)
- Restart the service – service nfs restart
Restricting to an IP network — this allows exporting to an entire subnet, or group of addresses
- Edit /etc/exports
- Configure the export command like the following
- /media 192.168.10.0/24(rw,no_root_squash)
- Restart the service – service nfs restart
In response to these lines :
Restricting to an IP network — this allows exporting to an entire subnet, or group of addresses
Edit /etc/exports
Configure the export command like the following
/media 192.168.10.0/24(rw,no_root_squash)
Restart the service – service nfs restart
my reply: i think the way you have written netmask is incorrect. if i am not mistaken, the correct way is ::
/media 192.168.10.0/255.255.255.0(rw,no_root_squash)
For anyone reading…
192.168.10.024 is correct. The 24 is the CIDR. If you take a Network+ class or learn a little more about subnetting, this will become obvious. 24 indicates a class C network with the IP address 192.168.10.0 is associated with the netmask 255.255.255.0 by using the CIDR notation of 192.168.10.0/24 . This means that the first 24 bits of the IP address given are considered significant for the network routing. So IP 192.168.10.1-192.168.10.254 are included as useable addresses and 192.168.10.0 is reserved as the NetID.