Quick question about filtering NFS... Notice I said "filtering"
NFS (with a router) and not "firewalling" NFS. I have 2 corporate
networks (which are completely isolated from the Internet)
and I'd like to leave them as 2 networks for the most part,
but I've been told that we must be able to NFS mount machines from
one net to the other.
I did some sniffing and found the usual ports used, that is 111
and 2049 (RPC and NFS) But I also found that there is some
randomness to the port numbers used between machines, and they
are below the superuser fence... For example, I saw port numbers
like 522 and 935.
So the simple question is why? Would this be something specific
to Wallongong maybe? Is there a range of ports I have to open,
of would is be easier to deny specifics and allow all else ?