Re: installing TCP programs when RPC programs are running

Florian Weimer <fw@deneb.enyo.de> - Thu, Oct 07, 2004:

> I think the best option would be to allow the system administrator to
> statically allocate the ports used by RPC programs.  This would help
> packet filters, too.

 While I see the benefit of your suggestion, for packet filters, I don't
 see how that would help average people experiencing the problem?  Would
 you require the admin to configure each port for each RPC service as it
 is installed?

 (BTW, I used to call rpcinfo -p to setup my iptables rules dynamically,
 but that does not cover service restarts very well, something like a
 rpc_conntrack would be better, and it seemed to exist too)

Loïc Minier <lool@dooz.org>

