2.2.2.2. Protect portmap With iptables
Below are two example iptables commands. The first allows TCP connections to port 111 (used by the portmap service) from the 192.168.0.0/24 network. The second allows TCP connections to the same port from localhost. This is necessary for the sgi_fam service used by Nautilus. All other packets are dropped.
To similarly limit UDP traffic, use the following command.
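The policy described in this section, written out as an added example (not the guide's own commands): the hypothetical helper `portmap_rules` prints an ordered rule set for a trusted network so it can be reviewed before being applied as root. The explicit ACCEPT-then-DROP ordering and the input check are choices made for this example.

```shell
#!/bin/sh
# Added example: print iptables rules that restrict portmap (port 111).
# Nothing is applied here; review the output, then run it as root.

# portmap_rules TRUSTED_NET   (hypothetical helper name)
# For each protocol the ACCEPT rules come first and the DROP last,
# because iptables stops at the first matching rule in the chain.
portmap_rules() {
    net=$1
    # Accept only dotted-quad CIDR text so stray input never reaches iptables.
    case $net in
        *[!0-9./]*) echo "invalid network: $net" >&2; return 1 ;;
        [0-9]*.[0-9]*.[0-9]*.[0-9]*/[0-9]*) ;;
        *) echo "invalid network: $net" >&2; return 1 ;;
    esac
    cat <<EOF
iptables -A INPUT -p tcp -s $net --dport 111 -j ACCEPT
iptables -A INPUT -p tcp -s 127.0.0.1 --dport 111 -j ACCEPT
iptables -A INPUT -p tcp --dport 111 -j DROP
iptables -A INPUT -p udp -s $net --dport 111 -j ACCEPT
iptables -A INPUT -p udp --dport 111 -j DROP
EOF
}

# The network used in the text above.
portmap_rules 192.168.0.0/24
```

After applying the rules, `iptables -L INPUT -n --line-numbers` shows whether the DROP entries sit below the ACCEPT entries for port 111.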