Is there a NFS alternative?

[Gilboa Davara]

On Wed, 2007-02-07 at 14:52 -0600, Arthur Pemberton wrote:
> On 2/7/07, Daniel Yek <dyek at real.com> wrote:
> > At 12:44 PM 2/7/2007, Arthur Pemberton wrote:
> > >On 2/7/07, Daniel Yek <dyek at real.com> wrote:
> > >>Hi,
> > >>
> > >>It was a while ago when I read that NFS was difficult to secure with (the
> > >>use of) ssh and iptables (or something like that).
> > >>
> > >>I really needed an alternative that works and can be made secure. Is GFS a
> > >>suitable replacement for NFS? If not, what is the closest thing to NFS?
> > >>
> > >>Thanks.
> > >
> > >Subdue NFS to use only one port, firewall all other ports
> > >off....possible filter the NFS port too?
> >
> > Thanks for replying.
> >
> > That is what I read and I was looking for an alternative to that. Is there
> > other solution? Or this is the best available solution already?
> 
> Well, if you can suggest how the solution could be made better, I or
> others can maybe suggest how to implement it.
> 
> The only other thing i can thing of is have port mapper interface with
> iptables in a plug and play type firewall way (or however Windows
> refers to it)
> 

No need to.
Just configure the ports in /etc/sysconfig/nfs and open a hole for them.
E.g:
#
# /etc/sysconfig/nfs
#
# mountd	2050/tcp
# mountd	2050/udp
MOUNTD_PORT=2050

# rquotad	2051/tcp
# rquotad	2051/udp
RQUOTAD_PORT=2051

# nlockmgr	2052/tcp
# nlockmgr	2052/udp
LOCKD_TCPPORT=2052
LOCKD_UDPPORT=2052

# status	2053/tcp
# status	2053/udp
STATD_PORT=2053
STATD_OUTGOING_PORT=2054

- Gilboa