ipfw and NFS?

Dominic Mitchell dom at happygiraffe.net
Mon Mar 25 10:26:46 GMT 2002

On Sat, Mar 23, 2002 at 07:25:56PM +0000, Jose Marques wrote:
> On Sat, 23 Mar 2002, Jonathan Belson wrote:
> > Has anyone got any snippets of rc.firewall which show how
> > it's done?
> Assuming you're using the "Simple" option then adding something like:
> # Allow any traffic to or from my own net via internal interface
> ${fwcmd} add pass all from ${iip} to ${inet}:${imask} via ${iif}
> ${fwcmd} add pass all from ${inet}:${imask} to ${iip} via ${iif}
> should do the job (not tested it though).  NFS is a bugger to firewall
> because or portmapper.

  Actually, NFS is ok, because it's hard coded to port 2049.  mountd(8)
  is the real bugger because it does use portmap.


More information about the Ukfreebsd mailing list