Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Firewall versus NFS

Patrick, Stephen,

Thank you for responding.

Stephen J. Turnbull wrote:
Set up a rule to log attempts to connect from *any* to *any*
originating at the client machine (, is that right?) and
find out what it's doing.
I think that Patrick might be right about the changing ports. I watched the events log in the Firestarter interface as Stephen suggested, and when I attempted to connect to the server from another machine, it said it blocked a connection from port 980.

And then I saw in other attempts that it said it blocked attempts on port 979, 976, 964... Seemingly within a tight range of numbers. But I don't know if I can be sure it will always stay in that range.

So I checked on the net about this, and I saw this page:

Seems to indicate that I can constrain the ports used by NFS by editing /etc/conf.d/nfs and putting this in there:

# Number of servers to be started up by default
# Options to pass to rpc.mountd
# ex. RPCMOUNTDOPTS="-p 32767
# Options to pass to rpc.statd
# ex. RPCSTATDOPTS="-p 32765 -o 32766"

And then there's some options after that which I don't understand, because it involves a rather detailed list of "if your system is this then do that, but if your system is that then do this" type of instructions.

And these instructions are for Gentoo, so I want to be sure they are universal before I apply them.

What do you guys think?

Dave M G
Ubuntu 7.04 Feisty Fawn
Kernel 2.6.20-15-generic
Pentium D Dual Core Processor

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links