On 2008-01-31 02:16, Paul B. Henson wrote:
What should happen in this case? Is Sun's position reasonable? In the face
of this scenario, complete failure is the best option? I haven't had the
time to try out the latest version of open-source ipf, would it do the same
thing?
I would say Sun's position is reasonable with respect to the behavior of
IP Filter, and unreasonable with respect to not tearing down the TCP
connection during umount.
Any recommendations on resolving this problem?
Use return-rst on your TCP block rule?
Or maybe mounting your NFS filesystems via automount would change the
behavior enough that things would work?
--
Jefferson Ogata <[EMAIL PROTECTED]>
NOAA Computer Incident Response Team (N-CIRT) <[EMAIL PROTECTED]>
"Never try to retrieve anything from a bear."--National Park Service
