Date: Fri, 15 Jun 2007 22:40:05 -0700 From: Alfred Perlstein <alfred@freebsd.org> To: Jeremie Le Hen <jeremie@le-hen.org> Cc: freebsd-net@FreeBSD.org Subject: Re: Firewalling NFS Message-ID: <20070616054005.GU96936@elvis.mu.org> In-Reply-To: <20070615072734.GC8093@obiwan.tataz.chchile.org> References: <20070615072734.GC8093@obiwan.tataz.chchile.org>
next in thread | previous in thread | raw e-mail | index | archive | help
* Jeremie Le Hen <jeremie@le-hen.org> [070615 01:07] wrote: > Hi, > > It appears nearly impossible to firewall a NFS server on FreeBSD. I would be nearly impossible if one didn't know much about NFS. Care to rephrase your assertion? > The reason is that NFS related daemons use RPC, which means they > don't bind to a deterministic port. Only mountd(8) can be requested to > bind to a specific port or fail with the -p command-line switch. > Is there any reason other than "no one has needed this yet" why this > option is not available for nfsd(8), rpc.lockd(8) and rpc.statd(8)? this is wrong, wrong and more wrong. -- - Alfred Perlstein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070616054005.GU96936>