Jeremie, good day.
Fri, Jun 15, 2007 at 09:27:35AM +0200, Jeremie Le Hen wrote:
> It appears nearly impossible to firewall a NFS server on FreeBSD.
> The reason is that NFS related daemons use RPC, which means they
> don't bind to a deterministic port. Only mountd(8) can be requested to
> bind to a specific port or fail with the -p command-line switch.
> Is there any reason other than "no one has needed this yet" why this
> option is not available for nfsd(8), rpc.lockd(8) and rpc.statd(8)?
NFSD binds to the port nfsd (2049) and for my -CURRENT both lockd
and statd have '-p' options:
-----
$ man rpc.lockd rpc.statd | grep -- -p
rpc.lockd [-d debug_level] [-g grace period] [-p port]
-p The -p option allow to force the daemon to bind to the specified
rpc.statd [-d] [-p port]
-p The -p option allow to force the daemon to bind to the specified
-----
Are we talking about same entities?
--
Eygene
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
