Date: Sun, 03 Apr 2005 20:48:22 +0200 From: =?UTF-8?B?RXJpayBOw7hyZ2FhcmQ=?= <norgaard@locolomo.org> To: Matt Juszczak <matt@atopia.net> Cc: freebsd-questions@freebsd.org Subject: Re: IPFILTER and NFS Message-ID: <42503A76.20309@locolomo.org> In-Reply-To: <425030A0.4000809@atopia.net> References: <424F8B94.7050006@atopia.net> <424FCDD3.6040507@locolomo.org> <425030A0.4000809@atopia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Matt Juszczak wrote:
> I dont have access to the nfs server... only the client. Your
> configuration info showed me making changes on the server. is there a
> way to make the client work ok?
Just let your client connect to any port on the server - keep state so
you can block incoming connections:
pass out quick on <interface> proto tcp from <client>/32 \
to <nfs-server>/32 flags S keep state
pass out quick on <interface> proto udp from <client>/32 \
to <nfs-server>/32 keep state
Erik
--
Ph: +34.666334818 web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42503A76.20309>