On Mon, 25 Sep 2006 05:16:31 GMT, Robby Workman <newsgroups@rlworkman.net> wrote:
> http://howtos.rlworkman.net/NFS_Firewall_HOWTO
Rationale for firewall? Over here I allow unrestricted localnet traffic,
restrict connections from 'out there'... So no problem re: random ports.
Why or when would I make NFS firewall rules like in your document?
The only port I nail is DNS query port, as that causes iptables to see
them as a stream and hold open the fake 'connection' for 180 rather
than 30 seconds, for the slow reply nameservers my ISP uses.
Grant.
--
http://bugsplatter.mine.nu/