Alvaro Reguly writes: > I'm not sure but maybe if you put > > net.ipv4.ip_local_port_range = 1024 5000 > > in /etc/sysctl.conf ?
This works in the sense that client requests come from the new range. However, nfs/rpc ports are also from the new range, so the original goal to block these ports is defied. Is there anything else apart to the stateful filtering one can do? (which isn't an option on the router). Can one specify the ports used by the portmapper? -Igor Mozetic
