This one was wide of the mark, now that I discovered something. Apparently I have a custom firewall rule to block the nfsd ports. But none for statd or mountd? Is it possible that they restricted their listening in some way in woody, by /etc/exports possibly? Seems unlikely, and yet why would I have blocked nfsd and not the others? Doesn't matter, in the end.
So, this should be downgraded to 'wishlist', keep it's security tag (I think). It would certainly make my day if these daemons only listened on addresses in /etc/exports, or on the interfaces implied by the contents of /etc/exports. To me it seems rather 1970's of these programs to be so gragarious in their habits of listening on 0.0.0.0 no matter what. Or perhaps it could take some arguments on the command line, ala dhcpd, for the allowed interfaces to bind. a -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
