Skip site navigation (1)Skip section navigation (2) 
Date:      18 Apr 2005 09:09:36 -0400
From:      Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
To:        "Florian Hengstberger" <e0025265@student.tuwien.ac.at>
Cc:        FreeBSD mailinglist <freebsd-questions@freebsd.org>
Subject:   Re: which interface: mountd,rpcbind
Message-ID:  <44ekd8z0xb.fsf@be-well.ilk.org>
In-Reply-To: <if1ro5.icuujw@webmail.tuwien.ac.at>
References:  <if1ro5.icuujw@webmail.tuwien.ac.at>
next in thread | previous in thread | raw e-mail | index | archive | help 
"Florian Hengstberger" <e0025265@student.tuwien.ac.at> writes:

> Hi!
> I really worry about that it seems (man mountd, man rpcbind)
> impossible to specifiy the interface these daemons bind to.
> 
> Specifing this in rc.conf
> 
> rpcbind_enable="YES"
> rpcbind_flags="-h 192.168.0.1"
> nfs_server_enable="YES"
> nfs_server_flags="-t -n 4 -h 192.168.0.1"
> mountd_flags="-r"
> 
> the output of sockstat -l is this:
> root     nfsd       398   3  tcp4   192.168.0.1:2049      *:*
> root     mountd     396   4  udp4   *:812                 *:*
> root     mountd     396   5  tcp4   *:912                 *:*
> root     mountd     396   6  udp6   *:811                 *:*
> root     mountd     396   7  tcp6   *:911                 *:*
> root     rpcbind    329   4  udp6   *:*                   *:*
> root     rpcbind    329   5  stream /var/run/rpcbind.sock
> root     rpcbind    329   6  udp6   ::1:111               *:*
> root     rpcbind    329   7  udp6   *:*                   *:*
> root     rpcbind    329   8  udp6   *:1023                *:*
> root     rpcbind    329   9  tcp6   *:111                 *:*
> root     rpcbind    329   10 udp4   127.0.0.1:111         *:*
> root     rpcbind    329   11 udp4   192.168.0.1:111       *:*
> root     rpcbind    329   12 udp4   *:808                 *:*
> root     rpcbind    329   13 tcp4   *:111                 *:*
> bind     named      314   20 udp4   192.168.0.1:53        *:*
> bind     named      314   21 tcp4   192.168.0.1:53        *:*
> bind     named      314   22 udp4   127.0.0.1:53          *:*
> bind     named      314   23 tcp4   127.0.0.1:53          *:*
> bind     named      314   24 udp4   *:53                  *:*
> ...
> 
> The man page of sockstat does not give information about * int
> the last column, but I assume this means 'listens on all interfaces'.
> How can I avoid this?

You can't, as far as I can see.  Looks like it would be an afternoon's
work to add it in, but I wouldn't think it's worth worrying about it.
Since you bind to an address already, a packet filter firewall will
protect you from access on the wrong interface.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44ekd8z0xb.fsf>