On Wed, 2009-01-21 at 18:48 -0600, Chris Adams wrote:
> That brings me back to RPC services though, which means NFS (which
> started all of this). Some of the NFS component services have fixed
> ports now (even though they still register with portmapper), such as
> nfsd (2049) and rquotad (875), but I believe that mountd, lockd, and
> statd all run on portmapper-assigned random ports. The only way to
> control access to them is currently TCP_wrappers.

However, each of these does allow you to set a specific port they'll run
on, so that you /can/ use iptables with them. I've been running them
that way for years.
--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca:
http://identi.ca/jkeating
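
Added example, not part of the original message: a check that the RPC services really are registered on their pinned ports before iptables rules are written for them. The port numbers for mountd, statd and lockd and the client network 192.0.2.0/24 are sample values chosen for illustration; the `rpcinfo -p` output is constructed.

```sh
#!/bin/sh
# Added example. Port numbers are sample values; use whatever each daemon
# was configured with (on Fedora, MOUNTD_PORT, STATD_PORT, LOCKD_TCPPORT and
# LOCKD_UDPPORT in /etc/sysconfig/nfs).
EXPECTED="portmapper/tcp=111 portmapper/udp=111 nfs/tcp=2049 nfs/udp=2049"
EXPECTED="$EXPECTED rquotad/tcp=875 rquotad/udp=875 mountd/tcp=892 mountd/udp=892"
EXPECTED="$EXPECTED status/tcp=662 status/udp=662"
EXPECTED="$EXPECTED nlockmgr/tcp=32803 nlockmgr/udp=32769"

# Reads `rpcinfo -p` output on stdin and prints "service/proto port" for each
# registration that is not on its expected port. Returns 1 if any was found.
check_rpc_ports() {
    awk -v expected="$EXPECTED" '
        BEGIN {
            n = split(expected, pairs, " ")
            for (i = 1; i <= n; i++) { split(pairs[i], kv, "="); want[kv[1]] = kv[2] }
        }
        $1 ~ /^[0-9]+$/ {            # skip the header line
            key = $5 "/" $3
            if (!(key in want) || want[key] != $4) {
                if (!seen[key " " $4]++) print key, $4
                bad = 1
            }
        }
        END { exit bad + 0 }
    '
}

# Prints (does not run) one ACCEPT rule per pinned port for client network $1.
# Assumes the INPUT chain drops everything that is not explicitly accepted.
emit_rules() {
    for pair in $EXPECTED; do
        svc=${pair%%=*}; port=${pair#*=}
        echo "iptables -A INPUT -p ${svc#*/} -s $1 --dport $port -j ACCEPT"
    done
}

# Constructed `rpcinfo -p` output: mountd/udp is still on a random port.
SAMPLE='   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100003    3   tcp   2049  nfs
    100024    1   udp    662  status
    100021    4   tcp  32803  nlockmgr
    100005    3   tcp    892  mountd
    100005    3   udp  40123  mountd'
printf '%s\n' "$SAMPLE" | check_rpc_ports || echo "fix the above before relying on iptables" >&2
emit_rules 192.0.2.0/24
```

On a live server, feed the check with `rpcinfo -p | check_rpc_ports` after restarting the NFS services.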