From: Eygene Ryabinkin
To: "Bruce M. Simpson"
Cc: freebsd-net@FreeBSD.org, Jeremie Le Hen
Date: Fri, 15 Jun 2007 21:55:28 +0400
Subject: Re: Firewalling NFS
Message-ID: <20070615175528.GL3779@void.codelabs.ru>
In-Reply-To: <4672D09B.9030100@incunabulum.net>

Bruce, good day.

Fri, Jun 15, 2007 at 06:47:07PM +0100, Bruce M. Simpson wrote:
> I added the -p switch to mountd(8) a few years ago, as I needed to run a
> read-only NFS server exposed to the outside world; to firewall it I needed a
> deterministic RPC port number, which is what -p gives you. Otherwise you have
> to rely on the TCP wrapper support built into rpcbind(8). The rpc.lockd and
> rpc.statd daemons were recently changed to incorporate this switch too,
> although I don't think it has been backported to the 6-STABLE branch yet.

OK, thanks for the explanations. So, Jeremie, you will need to wait for
the merge of the change or backport it manually.
-- 
Eygene
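
A check that follows from the exchange above, as an added example that is not part of the original thread: before writing firewall rules for an NFS server, confirm from `rpcinfo -p` output that every RPC service sits on a port you pinned with -p. The function names, the sample output and all port numbers other than 111 and 2049 are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Pinned port numbers are constructed.

# Read `rpcinfo -p` output on stdin; print "service proto port" for every
# registration whose port is NOT in the space-separated allow-list in $1.
unpinned_rpc_ports() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 ~ /^[0-9]+$/ && NF >= 4 {        # skip the header line
            name = (NF >= 5) ? $5 : $1      # unnamed programs: use the number
            key = name "/" $3 "/" $4        # collapse multiple RPC versions
            if (!($4 in ok) && !(key in seen)) { seen[key] = 1; print name, $3, $4 }
        }'
}

# Constructed sample: mountd and lockd were started with -p, statd was not
# (the situation described above for a branch without the backport).
sample_rpcinfo() {
    cat <<'EOF'
   program vers proto   port  service
    100000    4   tcp    111  rpcbind
    100000    4   udp    111  rpcbind
    100003    3   tcp   2049  nfs
    100005    1   udp   4046  mountd
    100005    3   udp   4046  mountd
    100005    3   tcp   4046  mountd
    100021    4   udp   4045  nlockmgr
    100024    1   udp    813  status
    100024    1   tcp    813  status
EOF
}

# Ports the firewall is going to allow: rpcbind, nfsd, lockd, mountd.
# Anything printed here would be unreachable (or would need a wider rule).
sample_rpcinfo | unpinned_rpc_ports "111 2049 4045 4046"
```

On a live server, pipe `rpcinfo -p` into `unpinned_rpc_ports` instead of the sample; empty output means every registered service is on an allowed port.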