nfs on 17.04
Tom H
tomh0665 at gmail.com
Thu Jun 29 12:28:26 UTC 2017
On Thu, Jun 29, 2017 at 7:56 AM, Xen <list at xenhideout.nl> wrote:
>
> You can easily use /etc/hosts.deny to deny traffic to this portmapper to
> anything other than your own networks or hosts.
>
> On a Debian 8 system this looks like this:
>
> # cat /etc/hosts.allow
> ALL EXCEPT nfsd, rpcbind @<ip address>: ALL
>
> # cat /etc/hosts.deny
> ALL: ALL EXCEPT 127. [::1]/128 10. 192.168.
>
> What you see here is that I denied access to everything except local
> networks.
> Then I allowed access to everything (on this IP) except nfsd and rpcbind.
I wouldn't waste time on tcpwrappers; it's iptables is more than
enough and tcpwrappers won't prevent iptables from blocking nfs
requests.
More information about the ubuntu-users
mailing list