NFS tcp wrapper situation
Jesse Keating
jkeating at redhat.com
Thu Jan 22 01:50:10 UTC 2009
On Wed, 2009-01-21 at 18:48 -0600, Chris Adams wrote:
>
> That brings me back to RPC services though, which means NFS (which
> started all of this). Some of the NFS component services have fixed
> ports now (even though they still register with portmapper), such as
> nfsd (2049) and rquotad (875), but I believe that mountd, lockd, and
> statd all run on portmapper-assigned random ports. The only way to
> control access to them is currently TCP_wrappers.
However each of these do allow you to set a specific port they'll run
on, so that you /can/ use iptables with them. I've been running them
that way for years.
--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090121/d9371cfc/attachment.sig>
More information about the fedora-devel-list
mailing list