| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Matthias Langer wrote: |
| 5 |
> i've recently set up a local nfs server for my disfiles; to keep the WAN |
| 6 |
> out i have: |
| 7 |
> |
| 8 |
> iptables -A INPUT -p TCP -i ! ${LAN} -d 0/0 --dport nfs -j DROP |
| 9 |
> iptables -A INPUT -p UDP -i ! ${LAN} -d 0/0 --dport nfs -j DROP |
| 10 |
> |
| 11 |
> everthing is working fine so far; however, my logs are full with these |
| 12 |
> messages: |
| 13 |
> |
| 14 |
> svc: bad direction 268435456, dropping request |
| 15 |
> |
| 16 |
> any comments ? |
| 17 |
|
| 18 |
I have had this too from quite a while back |
| 19 |
(http://blog.axljab.homelinux.org/post/6/). I turned on logging in my |
| 20 |
firewall to find out that nfs listens on random ports for UDP |
| 21 |
connections. The problem is that the random ports change ;-) In my |
| 22 |
firewall *most* of > 1024 is open so there isn't much I can do about it. |
| 23 |
|
| 24 |
- From what I noticed it's nobody trying to hack you but rather just |
| 25 |
internet "static" which by coincidence tries a port that your NFS is |
| 26 |
listening on. I stopped worrying about it after a while. The option for |
| 27 |
NFS to listen only on one interface wasn't then (iirc) an option .. not |
| 28 |
sure about now though. |
| 29 |
|
| 30 |
Greetings, |
| 31 |
Ralph |
| 32 |
-----BEGIN PGP SIGNATURE----- |
| 33 |
Version: GnuPG v1.4.2.2 (GNU/Linux) |
| 34 |
|
| 35 |
iD8DBQFEljT+Ct0ZF9kLPvYRAupeAJ9kSYUdHh6DaV/npK+llF7an4jcMQCfXUgN |
| 36 |
Gr0GEONQuBgPDhYgYdqedW8= |
| 37 |
=JSh1 |
| 38 |
-----END PGP SIGNATURE----- |
| 39 |
-- |
| 40 |
gentoo-user@g.o mailing list |
Archives