Difference between revisions of "Firewall Configuration"
From OSNEXUS Online Documentation Site
m (→Blocking iSCSI Access) |
m (→Blocking Network Share Access) |
||
Line 2: | Line 2: | ||
− | == Blocking Network Share | + | == Blocking Network Share access via NFS == |
− | + | ||
− | + | ||
If you're not using Network Shares with NFS you can block NFS service access like so: | If you're not using Network Shares with NFS you can block NFS service access like so: | ||
touch /etc/init.d/iptables.blocknfs | touch /etc/init.d/iptables.blocknfs | ||
service iptables restart | service iptables restart | ||
− | + | == Blocking Network Share access via CIFS/SMB == | |
If you're not using Network Shares with CIFS/SMB Windows clients you can block SMB access to the Samba service access like so: | If you're not using Network Shares with CIFS/SMB Windows clients you can block SMB access to the Samba service access like so: | ||
touch /etc/init.d/iptables.blocksmb | touch /etc/init.d/iptables.blocksmb |
Revision as of 16:51, 15 May 2015
For most deployments there is no need to add firewall rules to block the standard storage services like NFS, CIFS, iSCSI. That said, for systems deployed with elevated security requirements or systems with ports that are facing public networks it is useful to block services that are not being used. The following sections outline how to block various storage services within QuantaStor using firewall rules.
If you're not using Network Shares with NFS you can block NFS service access like so:
touch /etc/init.d/iptables.blocknfs service iptables restart
If you're not using Network Shares with CIFS/SMB Windows clients you can block SMB access to the Samba service access like so:
touch /etc/init.d/iptables.blocksmb service iptables restart
Blocking Storage Volume / iSCSI Access
If you're not using Storage Volumes via iSCSI you can block access to the iSCSI target service access like so:
touch /etc/init.d/iptables.blockiscsi service iptables restart