In the last episode (Jul 14), Artem Koutchine said: > I need sime kind of network file system which has a FreeBSD server > and Windows clients (particulary Windows XP) and that FreeBSD file > share must be mounted on Windows XP under a drive letter. Windows > client is FAR FAR away and is behind nat. Traffic costs a lot, so > that file system must not waste it for nothing. Of course, security > is very important and security based on IP address is impossible, > because client is behind nat.
For any of the solutions you describe, you will definitely want to set up a VPN between the client and server, and if possible have it compress the data. Never allow raw filesystem access to the entire Internet :) > 1) Samba3 > > I think i could use it with user security (not share or maybe mixed) > but i am not sure about making it open to internet and also i think > it wastes bandwidth. Am i wrong? It should be no more inefficient than any of the others, really. Theres a different amount of overhead for each protocol, but they're all small compared to the actual data sent when doing a file copy, for example. > 4) NFS > > Well, i like it very much because we use for freebsd file shareing > since year 2000. Hoever, i could not find free NFS client for Windows > (but, hell, i'll buy it) but what's worse i get figure out how to > make authorizartion based on user/password and not on /etc/exports. I > need something more secure. Also, am not sure about bandwidth usage. Microsoft has a nice NFS client/server implementation in its free Services for Unix product. http://www.microsoft.com/windows/sfu/ . If you use VPNs, you should be able to control the local IP number that gets assigned to each VPN user, so you could use that to filter access in /etc/exports (and use the -mapall flag to force specific userids for each incoming IP). -- Dan Nelson [EMAIL PROTECTED] _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
