On Mon, Jul 12, 2010 at 09:19:33AM -0400, Daniel P. Berrange wrote:
> For
>
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2242
>
> IPtables will seek to preserve the source port unchanged when
> doing masquerading, if possible. NFS has a pseudo-security
> option where it checks for the
For
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2242
IPtables will seek to preserve the source port unchanged when
doing masquerading, if possible. NFS has a pseudo-security
option where it checks for the source port <= 1023 before
allowing a mount request. If an admin has used this to