[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: NFS tcp wrapper situation



On Wed, 2009-01-21 at 18:48 -0600, Chris Adams wrote:
>  
> That brings me back to RPC services though, which means NFS (which
> started all of this).  Some of the NFS component services have fixed
> ports now (even though they still register with portmapper), such as
> nfsd (2049) and rquotad (875), but I believe that mountd, lockd, and
> statd all run on portmapper-assigned random ports.  The only way to
> control access to them is currently TCP_wrappers.

However each of these do allow you to set a specific port they'll run
on, so that you /can/ use iptables with them.  I've been running them
that way for years.

-- 
Jesse Keating
Fedora -- FreedomĀ² is a feature!
identi.ca: http://identi.ca/jkeating

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]