Security Feature Request (ipfw)

Status
Not open for further replies.

akfoote

Cadet
Joined
Apr 9, 2012
Messages
5
First off, FreeNAS has come a long way ... very nice!

I've recently been playing with and configuring this in a corp environment. We have big toys like NetApp and EqualLogic in house, so this is a side project for my random log storage... but what a great use :smile:

Anyway.. here goes my feature request.

I would like to see a "Restricted Access" config under the Settings tab.
This would be a place to control ipfw firewall rules per service.
Initially I'd like the ability to restrict management access (HTTP/HTTPS/SSH) services to a given network CIDR block or specific host.
To make this work I think there should be a couple of things that can happen or should be displayed on this "page".
o enable or disable ipfw (firewall) -- off by default
o list of current CIDR / machine IPs
o for those addresses that are present, a checkbox to remove
o text box to enter CIDR / machine IP

Further enhancements would be the ability to control these types of rules per enabled Service. So, for example, if a deployer wants to enable CIFS for only a given subnet and the rest (of the world) don't even see this service when doing an nmap etc..

I'm sure there is some other stuff that others can add..

I'd like to note that this feature would make this product a whole lot more enticing as a player in the storage tier where it sits.

Open to thoughts, bashing, etc.. :smile: (( I don't have time at the moment to pull source and get a build env up, but may someday ))

Great Product..
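
The restriction requested in the post above, sketched as ipfw commands (an added example, not part of the original thread and not FreeNAS code). It validates each entry that would come from the proposed text box before building a rule, and only prints the commands; the function names, rule numbers, default ports 22/80/443, IPv4-only handling and sample addresses are assumptions.

```shell
#!/bin/sh
# Added example: print ipfw rules limiting management ports to listed sources.
# Rule numbers, port list and sample addresses are assumptions (constructed).
MGMT_PORTS="22,80,443"   # SSH, HTTP, HTTPS
BASE_RULE=1000           # hypothetical starting rule number

# valid_cidr SRC: accept only a strict IPv4 host (a.b.c.d) or a.b.c.d/len.
valid_cidr() {
    case "$1" in ""|*[!0-9./]*|*/*/*) return 1 ;; esac  # digits, dots, one slash
    addr=${1%%/*}; len=32
    case "$1" in */*) len=${1#*/} ;; esac
    case "$len" in ""|*[!0-9]*|???*|0?*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    case "$addr" in ""|*.) return 1 ;; esac   # trailing dot would be dropped by the split
    old_ifs=$IFS; IFS=.
    set -- $addr            # split into octets (addr holds only digits and dots)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # reject empty, over-long and leading-zero octets (octal ambiguity)
        case "$octet" in ""|????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# emit_rules SRC...: print the commands, execute nothing.
emit_rules() {
    # An empty allow list would leave only the deny rule: refuse (lockout guard).
    [ $# -gt 0 ] || { echo "no allowed sources given" >&2; return 1; }
    for src in "$@"; do
        valid_cidr "$src" || { printf 'rejected source: %s\n' "$src" >&2; return 1; }
    done
    n=$BASE_RULE
    for src in "$@"; do
        echo "ipfw -q add $n allow tcp from $src to me dst-port $MGMT_PORTS in"
        n=$((n + 10))
    done
    echo "ipfw -q add $n deny tcp from any to me dst-port $MGMT_PORTS in"
}

# Constructed sample input: one subnet and one admin host.
emit_rules 10.20.0.0/16 192.0.2.15
```

Because ipfw stops at the first matching rule, the final deny only has the intended effect if no lower-numbered rule already allows the same traffic.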
 

louisk

Patron
Joined
Aug 10, 2011
Messages
441
Typically this is solved with a firewall, or at least router ACL.

You can configure SSH to be key only, at which point a firewall doesn't really matter. No key, no entry. Of course, you need sane key management, but that is a different discussion.
 

akfoote

Agreed .. yes you can stick an appliance on your network at the border. However, controlling access through a host-based firewall (ipfw) at least for the administrative services (http/https/ssh) is a much desired feature. This is especially true when your local network consists of 10s of thousands of IP addresses (/16 etc..).
 

louisk

Fair enough. Typically my experience is that, even when you allocate a /16 to a group, that group also has a firewall.

I won't deny there are use cases for being able to control access to some extent, I'm just not sure what security threat you will mitigate with it.
 