Hi Tom,

Thanks for your reply. It took a while for it to sink in, but I finally realized that I don't, in fact, need two zones to accomplish what I want. Because each machine is independent with it's own statis IP address (each is both a server and a client to the other) they each have their own (personal) firewall operating.
So, I have no change to the default /interfaces file nor the default /zones file. My only change is to /rules on each machine, to accept traffic from the other machine:

ACCEPT    net:    fw    all
ACCEPT     fw:    net    all

I can do NFS file sharing and printer sharing, still in STEALTH mode (GRC test).

Perhaps this info will help the next newbie with a similar problem.

Thanks again

On Sat, Apr 25, 2009 at 3:00 PM, Tom Eastep <teastep@shorewall.net> wrote:
Michael Harrison wrote:
> Hi
> I'm new to Linux (terminally frustrated Windows user) and have recently
> installed PClinuxOS  on two machines at home. I've set up NFS shared
> home directories on both machines, which I can mount and access fine
> only when Shorewall is stopped. I've read a few guides on Shorewall
> configuration, including those at shorewall.net <http://shorewall.net>,
> and tried everything that made sense, to no avail - Shorewall blocks the
> mount requests.
> I'm thinking that the problem is with my environment (although it was
> working under Windows with File Sharing). I have the two computers
> attached via a Netgear 4 port hub. The hub is also attached to a
> Motorolla Cable Modem for Internet access. I don't have a domain, (under
> Windows the sharing was done via a Workgroup) and the two computers have
> very different static IP's assigned by Comcast, my ISP.
> The PClinuxOS install automatically set up eth0 and the Internet
> connections worked fine. Is there a way to tell Shorewall to allow the
> loc lan accesses on the same interface (eth0) as the net? A way to add
> another interface (with just the Netgear hub) ?
> I have tried using "-" for zone in the interfaces file, and adding
> "loc:123.456.789.01" and "net detect" in the hosts file but that results
> in a syntax error for the net zone.

I'm a but unclear about the configuration. You have two independent
machines on a hub that is cabled to the cable modem. Is there a third
system that hosts the NFS-mounted home directories or is one of the
machines hosting them?

Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Crystal Reports &#45; New Free Runtime and 30 Day Trial
Check out the new simplified licensign option that enables unlimited
royalty&#45;free distribution of the report engine for externally facing
server and web deployment.
Shorewall-users mailing list