Re: How to configure npf to restrict nfs to localhost

To: netbsd-users <netbsd-users%netbsd.org@localhost>
Subject: Re: How to configure npf to restrict nfs to localhost
From: Mayuresh <mayuresh%acm.org@localhost>
Date: Mon, 29 Jun 2020 11:26:37 +0530

On Mon, Jun 29, 2020 at 10:00:06AM +0530, Mayuresh wrote:
> Any hints for how to block these ports for outside world and keep open for
> localhost?

Tried:

group "external" on $ext_if {
    ...
    block final to any port 111
    block final to any port 2049
    ...

This kind of works. I can telnet to the port from localhost. From outside
it doesn't say connection refused, it just hangs instead. Obviously I am
missing something.

Mayuresh

Follow-Ups:
- Re: How to configure npf to restrict nfs to localhost
  - From: Paul Ripke

References:
- How to configure npf to restrict nfs to localhost
  - From: Mayuresh

Prev by Date: How to configure npf to restrict nfs to localhost
Next by Date: Re: How to configure npf to restrict nfs to localhost
Previous by Thread: How to configure npf to restrict nfs to localhost
Next by Thread: Re: How to configure npf to restrict nfs to localhost
Indexes:

Home | Main Index | Thread Index | Old Index