Hi guys,
I specified a specific port for lockd(8) to bind to, but it's not using that port when sending back a response and it's breaking my egress firewall rule. Instead it's using a random root port as source port. Is there a knob that I'm missing?
Code:
rpc_lockd_flags="-p 33333"
From the packet capture I can see NLM lockd replying with
Code:
udp.srcport = 986
and it's being denied because it doesn't match my ipfw rule of:
Code:
01100 allow udp from any to me dst-port 33333 in via em0
01100 allow udp from any 33333 to me in via em0
01100 allow udp from me to any dst-port 33333 out via em0
01100 allow udp from me 33333 to any out via em0
Thanks for the help!