NFS too slow when using IPTables on NetBoot Client

Hello,

We use NFS, TFTPBoot and PXE to boot webservers off an NFS server. So we have "thin servers" with no hard disk inside.

The webservers have 2 network interfaces:
eth0 is connected to the internet switch, and has an internet IP.
eth1 is connected to a private switch, and has a 192.168.1.x IP.

I want to secure the webserver by running iptables on the webserver.
When I write some rules, including allowing all traffic through eth1, and I start iptables, everything works, but the NFS is very slow.

Is there a possibility to make iptables only filter eth0 and not look at the packets through eth1? If needed I can recompile the kernel.
Or should I use another firewall package which can do this?

Kind regards,
Jeroen Vermeulen - Alphamega hosting

 

 

 

 
