diff options
author | dillon <dillon@FreeBSD.org> | 1999-11-11 17:35:36 +0000 |
---|---|---|
committer | dillon <dillon@FreeBSD.org> | 1999-11-11 17:35:36 +0000 |
commit | 4c498c4fdeb063ec3facb3dd2964fb02d90c17f5 (patch) | |
tree | cccb89faeac791d2d80cdc21936bfef7a51de932 /usr.sbin/nfsd/nfsd.8 | |
parent | ac372bbf0e733ba582ca3078e6ce33d10500e9ca (diff) | |
download | FreeBSD-src-4c498c4fdeb063ec3facb3dd2964fb02d90c17f5.zip FreeBSD-src-4c498c4fdeb063ec3facb3dd2964fb02d90c17f5.tar.gz |
Give nfsd the ability to bind to specific IP addresses through the -h
option and add explicit option to bind to the wildcard address. The
default is to bind to the wildcard address when no -h option has been
specified and thus backwards compatibility is maintained.
PR: kern/13049
Reviewed by: David Malone <dwmalone@maths.tcd.ie>
Submitted by: Matt Dillon <dillon@freebsd.org>, David Malone <dwmalone@maths.tcd.ie>
Diffstat (limited to 'usr.sbin/nfsd/nfsd.8')
-rw-r--r-- | usr.sbin/nfsd/nfsd.8 | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/usr.sbin/nfsd/nfsd.8 b/usr.sbin/nfsd/nfsd.8 index e3d3e1c..f0314ae 100644 --- a/usr.sbin/nfsd/nfsd.8 +++ b/usr.sbin/nfsd/nfsd.8 @@ -42,8 +42,9 @@ server .Sh SYNOPSIS .Nm nfsd -.Op Fl rut +.Op Fl arut .Op Fl n Ar num_servers +.Op Fl h Ar bindip .Sh DESCRIPTION .Nm Nfsd runs on a server machine to service @@ -72,6 +73,19 @@ or options to re-register NFS if the portmap server is restarted. .It Fl n Specifies how many servers to create. +.It Fl h Ar bindip +Specifies which IP address or hostname to bind to on the local host. +This option is recommended when a host has multiple interfaces. Multiple +.Fl h +options may be specified. +.It Fl a +Specifies that nfsd should bind to the wildcard IP address. +This is the default if no +.Fl h +options are given. It may also be specified in addition to any +.Fl h +options given. Note that NFS/UDP does not operate properly when +bound to the wildcard IP address whether you use -a or do not use -h. .It Fl t Serve .Tn TCP NFS @@ -119,6 +133,19 @@ KLD is available, .Nm nfsd will exit with an error. .Pp +If +.Nm nfsd +is to be run on a host with multiple interfaces or interface aliases, use +of the +.Fl h +option is recommended. If you do not use the option NFS may not respond to +UDP packets from the same IP address they were sent to. Use of this option +is also recommended when securing NFS exports on a firewalling machine such +that the NFS sockets can only be accessed by the inside interface. +.Nm Ipfw +would then be used to block nfs-related packets that come in on the outside +interface. +.Pp The .Nm nfsd utility exits 0 on success, and >0 if an error occurs. @@ -127,7 +154,8 @@ utility exits 0 on success, and >0 if an error occurs. .Xr nfssvc 2 , .Xr kldload 8 , .Xr mountd 8 , -.Xr portmap 8 +.Xr portmap 8 , +.Xr ipfw 8 .Sh HISTORY The .Nm nfsd |