-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Matthias Langer wrote:
> I've recently set up a local NFS server for my distfiles; to keep the WAN
> out I have:
>
> iptables -A INPUT -p TCP -i ! ${LAN} -d 0/0 --dport nfs -j DROP
> iptables -A INPUT -p UDP -i ! ${LAN} -d 0/0 --dport nfs -j DROP
>
> everything is working fine so far; however, my logs are full of these
> messages:
>
> svc: bad direction 268435456, dropping request
>
> any comments?

I have had this too from quite a while back
(http://blog.axljab.homelinux.org/post/6/). I turned on logging in my
firewall to find out that NFS listens on random ports for UDP
connections. The problem is that the random ports change ;-) In my
firewall *most* of > 1024 is open so there isn't much I can do about it.

From what I noticed it's nobody trying to hack you but rather just
internet "static" which by coincidence tries a port that your NFS is
listening on. I stopped worrying about it after a while. The option for
NFS to listen only on one interface wasn't then (iirc) an option ... not
sure about now though.

Greetings,
Ralph
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEljT+Ct0ZF9kLPvYRAupeAJ9kSYUdHh6DaV/npK+llF7an4jcMQCfXUgN
Gr0GEONQuBgPDhYgYdqedW8=
=JSh1
-----END PGP SIGNATURE-----
-- 
gentoo-user@g.o mailing list
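The reason the quoted rules are not enough, as the reply points out, is that only the nfsd service itself sits on a fixed port (2049, matched by `--dport nfs`); the RPC helpers NFS depends on (mountd, nlockmgr, statd) bind whatever port the portmapper hands out, and those change across restarts. The following is an added example, not code from either poster: it reads the current `rpcinfo -p` listing, picks out the NFS-related services, and emits one DROP rule per protocol/port for every interface except the LAN one. The `rpcinfo -p` output below is a constructed sample (with made-up high ports) so the script runs offline; the interface name `eth0` is likewise an assumption. It uses the `! -i` negation form of current iptables rather than the older `-i !` form in the quoted rules.

```shell
#!/bin/sh
# Added example (not from the thread): derive iptables DROP rules for the
# ports the NFS-related RPC services currently hold, because only nfsd (2049)
# is covered by "--dport nfs"; mountd, nlockmgr and statd take random ports.

# Constructed sample of `rpcinfo -p` output; columns are
# "program vers proto port service". Ports above 1024 are made up.
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   udp    111  portmapper
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100005    1   udp  32767  mountd
    100005    3   tcp  32767  mountd
    100021    1   udp  32768  nlockmgr
    100021    4   tcp  32769  nlockmgr
    100024    1   udp    662  status
    100024    1   tcp    662  status'

# nfs_rpc_ports: read `rpcinfo -p` output on stdin and print unique
# "proto port" pairs for the services an NFS export depends on. The
# header line is skipped; unrelated RPC programs are ignored.
nfs_rpc_ports() {
    awk 'NR > 1 && $5 ~ /^(portmapper|nfs|mountd|nlockmgr|status|rquotad)$/ { print $3, $4 }' \
        | sort -u
}

# nfs_drop_rules LAN_IF: read `rpcinfo -p` output on stdin and print one
# iptables rule per proto/port that drops traffic arriving on any interface
# other than LAN_IF. Nothing is applied; the caller reviews and runs them.
nfs_drop_rules() {
    lan_if=$1
    nfs_rpc_ports | while read -r proto port; do
        printf 'iptables -A INPUT ! -i %s -p %s --dport %s -j DROP\n' \
            "$lan_if" "$proto" "$port"
    done
}

# Usage on a live host (commented out so the script runs offline):
#   rpcinfo -p | nfs_drop_rules eth0
# With the constructed sample:
#   printf '%s\n' "$SAMPLE_RPCINFO" | nfs_drop_rules eth0
```

Because the ports move, rules generated this way have to be regenerated whenever the NFS services restart, which is why pinning the helper ports is the more durable fix: `rpc.mountd` and `rpc.statd` both accept a `--port` option, and the in-kernel lock manager takes the `nlm_udpport` and `nlm_tcpport` module parameters (`options lockd nlm_udpport=... nlm_tcpport=...` under `/etc/modprobe.d/`). Once the ports are fixed, the same DROP rules can be written statically instead of derived from `rpcinfo`.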