June 2008
When protecting a NIS server with IPTables, the problem arises that ypserv
doesn't always pick the same port number to serve on, and relies on the portmapper to convey its location to the clients.
This is all well, but it is moderately hard to punch holes in the firewall every time the NIS server is restarted, and close them a gain afterwards.
The solution is painfully simple: ypserv
accepts the -p option, which fixes the port it is listening on.
Note | |
---|---|
As an aside, the real solution would be for SuSE to always reconfigure the firewall when the NIS server has restarted, which it does not. |