Jeremie, good day. Fri, Jun 15, 2007 at 09:27:35AM +0200, Jeremie Le Hen wrote: > It appears nearly impossible to firewall a NFS server on FreeBSD. > The reason is that NFS related daemons use RPC, which means they > don't bind to a deterministic port. Only mountd(8) can be requested to > bind to a specific port or fail with the -p command-line switch. > Is there any reason other than "no one has needed this yet" why this > option is not available for nfsd(8), rpc.lockd(8) and rpc.statd(8)?
NFSD binds to the port nfsd (2049) and for my -CURRENT both lockd and statd have '-p' options: ----- $ man rpc.lockd rpc.statd | grep -- -p rpc.lockd [-d debug_level] [-g grace period] [-p port] -p The -p option allow to force the daemon to bind to the specified rpc.statd [-d] [-p port] -p The -p option allow to force the daemon to bind to the specified ----- Are we talking about same entities? -- Eygene _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"