Ethan Benson [erbenson@alaska.net] said: > easier said then done, statd allocates a random (usually privileged) > port and registers it with the portmapper. blocking it with ipchains > is a pain. about the only way you can do it is to use a script that > parses the output of rpcinfo -p localhost to find statd's current port > and make a rule for it. that of course breaks as soon as nfs-common > gets restarted. I do this and I add a line to /etc/init.d/nfs-common so that when nfs-common is started, it executes the script. It's far from perfect, but it seems to work better than nothing. --paulv
Attachment:
pgpMdUMAULhgX.pgp
Description: PGP signature