[mythtv-users] NFS issue
David Brodbeck
gull at gull.us
Mon Sep 17 17:04:48 UTC 2007
On Sep 17, 2007, at 5:53 AM, Chris Cox, N0UK wrote:
>>
>> FYI: That suggestion worked!!!! I just mapped my NFS share from
>> my Myth box. I added the following NFS information to my firewall
>> (as per rpcinfo -p):
>>
>> status TCP port 881/UDP port 878
>> rquotad TCP port 844/UDP port 841
>> mountd TCP port 883/UDP port 880
>> nlockmgr TCP port 50560/UDP port 32768
>
> I think that this solution is going to be problematic for you long
> term.
>
> There is no guarantee whatsoever that after restarting the NFS
> server that
> those RPC programs will use the same tcp or udp ports. Only the RPC
> portmapper uses a consistent, well-known port.
One simple option would be to just trust the NFS client host -- allow
everything to/from that IP address, in the iptables rules. If the IP
is static and you control the network, this isn't too serious a
risk. If you don't trust the client or don't control the network,
you probably should be using something other than NFS.
More information about the mythtv-users
mailing list