On Tue, Sep 23, 2014 at 3:07 AM, Jan Chaloupka <jchaloup@xxxxxxxxxx> wrote: > mountd tcp wrappers support only NFSv2 and NFSv3, not NFSv4. > > https://bugzilla.redhat.com/show_bug.cgi?id=1116283 > > This patch updates the man page > > Signed-off-by: Jan Chaloupka <jchaloup@xxxxxxxxxx> > --- > utils/mountd/mountd.man | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/utils/mountd/mountd.man b/utils/mountd/mountd.man > index a8828ae..1aae75b 100644 > --- a/utils/mountd/mountd.man > +++ b/utils/mountd/mountd.man > @@ -217,6 +217,8 @@ listeners using the > .B tcp_wrapper > library or > .BR iptables (8). > +Tcp wrappers are only in effect with NFS version 2 and 3 mounts. > +They do not work with NFS version 4. > .PP > Note that the > .B tcp_wrapper > Is there any point to compiling mountd with the tcp wrappers in this day and age? tcp wrappers isn't enforced by knfsd, so as the above manpage change indicates it really is only blocking NFSv2/v3 _mount_ attempts. If you can use NFSv4, or sniff the NFSv2/v3 traffic or even just guess NFSv2/v3 filehandles, then tcp wrappers can be 100% circumvented. -- Trond Myklebust Linux NFS client maintainer, PrimaryData trond.myklebust@xxxxxxxxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
