From owner-freebsd-stable@FreeBSD.ORG  Fri Jan  6 15:22:45 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5411A16A41F
	for <freebsd-stable@freebsd.org>; Fri,  6 Jan 2006 15:22:45 +0000 (GMT)
	(envelope-from vivek@khera.org)
Received: from yertle.kcilink.com (yertle.kcilink.com [65.205.34.180])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 048CA43D46
	for <freebsd-stable@freebsd.org>; Fri,  6 Jan 2006 15:22:44 +0000 (GMT)
	(envelope-from vivek@khera.org)
Received: from [192.168.7.103] (host-103.int.kcilink.com [192.168.7.103])
	by yertle.kcilink.com (Postfix) with ESMTP id 44F5EB864;
	Fri,  6 Jan 2006 10:22:44 -0500 (EST)
In-Reply-To: <20060106094024.GA43299@ns.museum.rain.com>
References: <20060106040839.A38DE16A46C@hub.freebsd.org>
	<20060106094024.GA43299@ns.museum.rain.com>
Mime-Version: 1.0 (Apple Message framework v746.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <CFE93CDE-135A-4042-8A40-EB79D10C42E5@khera.org>
Content-Transfer-Encoding: 7bit
From: Vivek Khera <vivek@khera.org>
Date: Fri, 6 Jan 2006 10:22:43 -0500
To: James Long <stable@museum.rain.com>
X-Mailer: Apple Mail (2.746.2)
Cc: freebsd-stable@freebsd.org
Subject: Re: rpcbind lingering on IP no longer specified on command line
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jan 2006 15:22:45 -0000


On Jan 6, 2006, at 4:40 AM, James Long wrote:

>> Yeah, I noticed that little tiny "UDP requests" note in the -h docs
>> too.  There's no reason to bind to all tcp addresses, and it is
>> causing me heartburn for getting the server certified...
>
> Good grief, why not just firewall off the undesired UDP ports and call
> it good?

I guess we could take that band-aid approach... however, how do you  
know what port RPC decides to listen on other than the 111 port?  It  
is more or less random.  That makes it very difficult to firewall.