Problem with nfs

Guillaume Lécroart
Fri, 12 Oct 2001 02:29:10 +0200

The problem with NFS is that it uses RPC, including a hard-to-filter dynamic
port allocation mechanism.

I guess you'll have to write a NAT module for this and makes NetFilter the
first firewall ever to handle RPC traffic ;-)

No kidding, maybe some foolish guys have already done this hacking into a
NetBSD framework, but I never heard about any commercial product that would
do so.

Anybody working on this on the hackers' side?

I know that some "client" RPC stacks can be restricted to use some specifics
ports or port ranges (Microsoft ones does, at least for SQLServer and
MS-exchange...) on this purpose (crossing firewalls), but I'm not too sure
that you can fix the ports on a NFS client or servers.

----- Original Message -----
From: <>
To: <>
Sent: Thursday, October 11, 2001 8:42 PM
Subject: Problem with nfs

> hello, I use a firewall with iptables and I need that that firewall allows
the connection of clients nfs.
> Does somebody know like I can make that?
> Get your own FREE E-mail address at
> Linux FREE Mail is 100% FREE, 100% Linux, and 100% yours!