Great Circle Associates Firewalls
(February 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: NFS mounts
From: Scott McClung <mcclung @ nawc690 . chinalake . navy . mil>
Date: Thu, 3 Feb 1994 16:05:16 -0800 (PST)
To: smb @ research . att . com
Cc: Firewalls @ GreatCircle . COM
In-reply-to: <9402032306 . AA03767 @ mycroft . GreatCircle . COM> from "smb @ research . att . com" at Feb 3, 94 06:06:50 pm

> 	 The TCP wrapper package is not a total solution since, from my
> 	 understanding, the tcp wrapper only works when the service is
> 	 started, not once it is running.  This leaves your with hole
> 	 on processes that get stated and then hang around.  Things
> 	 like rpc.mountd, ypserv, tftpd, etc.  This may have changed in
> 	 later releases of the the wrappers since I don't have the
> 	 current version docs open and am working from memory which is
> 	 dealing with the older versions.
> 
> Good point.  rpc.mountd can be started from inetd, but I don't know how
> long it hangs around.  I also don't know how TCP calls to it are
> handled in that case; the inetd.conf file here only shows a UDP entry.

If you change the 'wait' to 'nowait' in inetd.conf, won't the service be 
invoked at every call to mountd?  I've always assumed ( maybe incorrectly )
that mountd only used rpc/udp, and didn't need a 'TCP' entry.  If I'm
wrong, I'd appreciate hearing about it...

-- 
Scott McClung
Computer Engineer, SAIC
mcclung @
 nawc690 .
 chinalake .
 navy .
 mil


Follow-Ups:
References:
Indexed By Date Previous: Re: NFS mounts
From: jsz @ ramon . bgu . ac . il
Next: Re: NFS mounts
From: abeckett @ fmlrnd . co . uk
Indexed By Thread Previous: Re: NFS mounts
From: smb @ research . att . com
Next: Re: NFS mounts
From: kannan @ catarina . usc . edu

Google
 
Search Internet Search www.greatcircle.com