Firewalling NFS

Jeremie Le Hen jeremie at
Fri Jun 15 08:01:45 UTC 2007


It appears nearly impossible to firewall a NFS server on FreeBSD.
The reason is that NFS related daemons use RPC, which means they
don't bind to a deterministic port.  Only mountd(8) can be requested to
bind to a specific port or fail with the -p command-line switch.
Is there any reason other than "no one has needed this yet" why this
option is not available for nfsd(8), rpc.lockd(8) and rpc.statd(8)?

Best regards,
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >

More information about the freebsd-net mailing list