[SlugBug] sharing a file system between a DMZ and private network.

[Bruno Postle]

On Tue 30-Sep-2003 at 11:03:20AM +0100, David Holden wrote:
> 
> The typical firewall setup is private/DMZ/public. Does anyone know
> of ways of addressing the problem of machines in the DMZ accessing
> file systems located on machines in the private area and vica
> versa.

This is the kind-of thing that firewalls and "de-militarized zone"
arrangements are designed to _stop_ you doing..

Can you rearrange the network so that the data is stored in the DMZ?
This is generally what you need a DMZ for in the first place.

..or if the data isn't changing all the time, you could rsync it
from your internal network to the machines in the DMZ.

> I know it would be possible to configure NFS access between
> the two but this involves opening quite a view ports

It's worse than that, NFS uses random port numbers.

-- 
Bruno