On Wed, 31 Jul 2002, Dale Amon wrote: > Since you brought the subject up... :-) > > Does anyone have a good way of dealing with daemons that use unpredictable > port > numbers? I have particular headaches with NFS, gdomap, and just recently > SmokePing > started doing it. > > I like to start off with a drop of everything and then open the absolute > minimal > requirements. INCLUDING LOOPBACK. > > So has anyone found a good way to deal with the unpredictable daemons?
I think that netfilter helpers exist to enable connection tracking on RPC services, but these helpers did not make it (yet) in the official kernels from kernel.org nor in the debian sources. There is a sourceforge project, called the WOFL, which is a working functionally overloaded kernel with all sorts of optional patches integrated in it, but I am a bit reluctant to use it on a production machine. What I would _really_ like is a debian-style kernel-patch-netfilter package, to be able to smoothly integrate only the patches I need. Mosix (and openmosix, for that matter) and freeswan kernel patches are already available as well done debian packages, I hope we will see something like it for the netfilter patch-o-matic optional patches soon... Bye Giacomo -- _________________________________________________________________ Giacomo Mulas <[EMAIL PROTECTED], [EMAIL PROTECTED]> _________________________________________________________________ OSSERVATORIO ASTRONOMICO DI CAGLIARI Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA) Tel.: +39 070 71180 248 Fax : +39 070 71180 222 _________________________________________________________________ "When the storms are raging around you, stay right where you are" (Freddy Mercury) _________________________________________________________________