Date: Fri, 15 Jun 2007 21:55:28 +0400 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: "Bruce M. Simpson" <bms@incunabulum.net> Cc: freebsd-net@FreeBSD.org, Jeremie Le Hen <jeremie@le-hen.org> Subject: Re: Firewalling NFS Message-ID: <20070615175528.GL3779@void.codelabs.ru> In-Reply-To: <4672D09B.9030100@incunabulum.net> References: <20070615072734.GC8093@obiwan.tataz.chchile.org> <20070615105950.GH3779@void.codelabs.ru> <4672D09B.9030100@incunabulum.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Bruce, good day. Fri, Jun 15, 2007 at 06:47:07PM +0100, Bruce M. Simpson wrote: > I added the -p switch to mountd(8) a few years ago, as I needed to run a > read-only NFS server exposed to the outside world; to firewall it I needed a > deterministic RPC port number, which is what -p gives you. Otherwise you have > to rely on the TCP wrapper support built into rpcbind(8). The rpc.lockd and > rpc.statd daemons were recently changed to incorporate this switch too, > although I don't think it has been backported to the 6-STABLE branch yet. OK, thanks for the explanations. So, Jeremie, you will need to wait for merge of the change or backport it manually. -- Eygene
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070615175528.GL3779>