On 6/21/06, Clint Pachl <[EMAIL PROTECTED]> wrote:
> Because portmap(8) dynamically assigns the mountd(8) port, how would one write a pass rule in pf for mountd(8) traffic? My problem is that every time mountd(8) is re/started, it operates on a different port and my fixed pf rules block the mount protocol and, consequently, my clients cannot mount an NFS share.

i file nfs traffic into the "stuff not supposed to be going through the firewall" category. a firewall implies there are bad people on one side of it, and you don't want bad people to access nfs, ever. i'd use a vpn of some sort to tunnel through the firewall.