On Fri, 1 Feb 2008, Jefferson Ogata wrote: > It would be nice if they would at least randomize the source ports on new > connections.
There evidently is another RFE to do something like that, or at least try another port if the original connection times out. > Maybe you could fire up a program before 73nfs.client that would bind a > random number of TCP ports from 1023 down, forcing the NFS client to > come up on a new port. It's Solaris 10 with SMF, there is no 73nfs.client. > Though I don't consider return-rst to be a kluge, really. What's klugey > about that? I currently have no specific rules blocking inbound packets from NFS servers, I would need to either add one, or use return-rst on my general block inbound rule. Both feel somewhat kludgy. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | [EMAIL PROTECTED] California State Polytechnic University | Pomona CA 91768
