Coda File System

Re: Coda and firewalls - not really using well known ports

From: Brad Clements <bkc_at_murkworks.com>
Date: Sun, 4 Feb 2001 16:24:30 -0500
On 4 Feb 2001, at 16:11, Jan Harkes wrote:

> As far as server-server, updateclnt-updatesrv, and volutil-server are
> concerned, Servers are assumed to be co-located (i.e. in the same
> machine room), so they will have problems with firewalls. I don't think
> that `fixing' this is very important as it actually improve security (or at
> least obscurity) of these daemons behind a firewall.

Bummer.

Well I'm running 3 coda servers.. one of which is outside my firewall and 
behind it's own firewall.

Soon I'll add a 4th server, also behind it's own firewall.

"Co-Located" probably isn't really the definition you mean. I suspect "well 
connected" is a better requirement, in which case the number of 
intervening firewalls shouldn't really matter. So long as the connectivity is 
good.

In my case, it's good.. but I also need firewall security at both locations.

> > What's the best way to fix this?  Can someone point me towards the 
> > offending sub-system or code? Maybe I can take a whack at the problem.
> 
> Eh, it doesn't really fall into any subsystem. It involves (at least)
> the following daemons and applications: updateclnt, updatesrv, volutil,
> codasrv, backup.

Oh boy.


Brad Clements,                bkc_at_murkworks.com   (315)268-1000
http://www.murkworks.com                          (315)268-9812 Fax
netmeeting: ils://ils.murkworks.com               AOL-IM: BKClements
Received on 2001-02-04 16:18:52