[TriLUG] Iptables confusion
Stephen P. Schaefer
sschaefer at acm.org
Mon May 5 02:33:57 EDT 2003
Jeremy Portzer wrote:
> But he's using NFS, and there's no way to predict what ports NFS will
> use. That's why the permissive rule is necessary.
>
> --Jeremy
>
Someday, I'm going to get around to writing a script to be called from
/etc/init.d/nfs that runs rpcinfo to find the ports used by the NFS
services (mountd, nfs, status, rquotad), and then opens them up in the
firewall. Just a little more complicated than what the ntpd script does
to let your ntp server operate. The script will need to be told which
interfaces it should operate on: God help you were the internet to talk
to your NFS!
Oh, yeah: nfs stop should remove those rules.
- Stephen
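
A sketch of the script described above, as an added example that is not part of the original message: it parses `rpcinfo -p` output and prints the iptables commands to open (start) or remove (stop) the ports of the listed services on one interface. The function and variable names, the `eth1` interface and the sample `rpcinfo` output are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function and variable names are hypothetical.
NFS_SERVICES="mountd nfs status rquotad"   # the services the post names

# Constructed sample of `rpcinfo -p` output so the example runs offline.
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32768  status
    100024    1   tcp  32768  status
    100011    1   udp    851  rquotad
    100011    2   udp    851  rquotad
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100021    1   udp  32769  nlockmgr
    100005    1   udp  32770  mountd
    100005    3   tcp  32771  mountd'

# nfs_rules start|stop IFACE
# Reads `rpcinfo -p` text on stdin and prints one iptables command per
# unique proto/port of the listed services, limited to IFACE.
# start emits -A (append) rules, stop emits the matching -D (delete) rules.
nfs_rules() {
    case "$1" in
        start) flag=-A ;;
        stop)  flag=-D ;;
        *) echo "usage: nfs_rules start|stop IFACE" >&2; return 2 ;;
    esac
    # Refuse an empty or odd interface name: the output is meant to be run.
    case "$2" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: '$2'" >&2; return 2 ;;
    esac
    awk -v flag="$flag" -v ifc="$2" -v svcs="$NFS_SERVICES" '
        BEGIN { n = split(svcs, s, " "); for (i = 1; i <= n; i++) want[s[i]] = 1 }
        ($5 in want) && ($3 == "tcp" || $3 == "udp") && $4 ~ /^[0-9]+$/ {
            key = $3 "/" $4
            if (key in seen) next      # several versions share one port
            seen[key] = 1
            printf "iptables %s INPUT -i %s -p %s --dport %s -j ACCEPT\n", flag, ifc, $3, $4
        }'
}

# Demo on the constructed sample; live use would be:
#   rpcinfo -p | nfs_rules start eth1 | sh
printf '%s\n' "$SAMPLE_RPCINFO" | nfs_rules start eth1
```

Because the ports can change each time the services restart, the stop rules should be generated before the services are shut down, while `rpcinfo` still reports the ports that were opened.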