On Mon, 2008-03-24 at 15:29 -0400, Alastair Neil wrote:
from the looks of it you are using NFSv3 exports, so enabling NFS4
the firewall tool buys you nothing.
I'd come to a similar conclusion about my own system. I'm using the
auto mounting system  to get to shared resources, and I'd enabled the
NFS4 option in the firewall configuration. You'd think that that Fedora
would use NFS4 by default, but it doesn't seem to.
It makes the automounter and firewall options rather useless. Prior
releases had an easy way around it (NB: a workaround, not a real
solution): You could mark a particular interface as being trustworthy.
So that, eth0, for instance, was treated as your LAN, without firewall
rules in the way, and ppp0 as WAN with lots of protection from firewall
1. e.g. cd /net/server/filestore/
And it'd auto-mount the "filestore" export from the "server"
the "/net" directory.
(This computer runs FC7, my others run FC4, FC5 & FC6, in case that's
important to the thread.)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.