Hi Alfred, On Fri, Jun 15, 2007 at 10:40:05PM -0700, Alfred Perlstein wrote: > * Jeremie Le Hen <[EMAIL PROTECTED]> [070615 01:07] wrote: > > Hi, > > > > It appears nearly impossible to firewall a NFS server on FreeBSD. > > I would be nearly impossible if one didn't know much about NFS.
It is surely my case. > Care to rephrase your assertion? The new assertion is then: I don't know how to firewall my NFS server which is running FreeBSD 6.2. > > The reason is that NFS related daemons use RPC, which means they > > don't bind to a deterministic port. Only mountd(8) can be requested to > > bind to a specific port or fail with the -p command-line switch. > > Is there any reason other than "no one has needed this yet" why this > > option is not available for nfsd(8), rpc.lockd(8) and rpc.statd(8)? > > this is wrong, wrong and more wrong. Sorry, I checked RELENG_6. I've been told that rpc.lockd(8) and rpc.statd(8) now have the "-p" option in -CURRENT. It seems that nfsd(8)'s port number is assigned in recorded in services(5). Therefore my question will be totally pointless once rpc.lockd(8) and rpc.statd(8) "-p" option will be MFC'd to RELENG_6. Sorry for the noise guys. Thank you for your replies though. Best regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
