conntrackd: RPC helper added to cthelper

How to use this helper in a few steps:

1) You can enable this helper via:

 nfct helper add rpc inet tcp
 nfct helper add rpc inet udp

2) Configure /etc/conntrackd/conntrackd.conf and launch it.

3) You can test this helper locally with the following rule-set:

 iptables -A OUTPUT -t raw -p udp -m udp --dport 111 -j CT --helper rpc
 iptables -A OUTPUT -t raw -p tcp -m tcp --dport 111 -j CT --helper rpc
 iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 111 -j ACCEPT
 iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 111 -j ACCEPT
 iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 iptables -P OUTPUT DROP

4) Configure NFS and export some local directory. Then, mount it with version 3.

 mount.nfs -onfsvers=3 127.0.0.1:/srv/cvs /mnt/

You should see permanent expectations created for this.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

0 files changed, 0 insertions, 0 deletions