-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 02 May 2003 11:32:08 -0400, Joseph Tate wrote: > Answers intermingled. As it should be. ;) > >For instance, on the NFS server, if you add a log rule right after > >the "trust eth0" rule, > > > > -A RH-Lokkit-0-50-INPUT -i eth0 -j ACCEPT > > -A RH-Lokkit-0-50-INPUT -i eth0 -j LOG --log-level alert > > > >do you see anything in the logs upon booting an NFS client? > > > Yes, tons of stuff. Ok, that would be proof that traffic from eth0 is not caught by the earlier ACCEPT rule. Interesting. I wish I could reproduce that. Based on the LOG messages and the currently loaded rules, you should be able to demonstrate that NFS traffic is not allowed. But is it just traffic related to Portmap/NFS or do you get connection refused also for other services? - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+sql40iMVcrivHFQRAsSkAJ9vABpSX4U6on+gEG1+MqBTHUoIEQCfYrWU RzLVvsoSHkUw3SUOfjepBnE= =wNuy -----END PGP SIGNATURE-----
