Spec

1
2
3
4
5
6
7
8
9

nfs_server_enable="YES"
nfs_server_flags="-u -t -n 4"
# nfs_reserved_port_only="YES"
nfsv4_server_enable="YES"
# nfsv4_server_only="YES"
nfsuserd_enable="YES"
nfsuserd_flags="-verbose"
mountd_enable="YES"
mountd_flags="-p 87"

1
2
3
4
5

sudo service mountd restart

sudo mkdir /vol /vol/public /vol/stu{ID}
sudo mkdir /vol /vol/public /vol/stu18
sudo chmod 777 /vol/stu18

1
2
3
4
5
6
7

service nfsclient start
sudo mkdir /net/data /net/data/public /net/data/stu18
sudo mount -t nfs4 10.113.18.2:/vol/public /net/data/public

sudo service automount restart
sudo service automountd restart
sudo service autounmountd restart

1
2
3

nfsuserd_enable="YES"
nfscbd_enable="YES"
autofs_enable="YES"

1

portmapper

1
2
3
4
5

sudo sysctl vfs.nfs.enable_uidtostring=1
sudo sysctl vfs.nfsd.enable_stringtouid=1
sudo sysctl vfs.nfsd.server_min_nfsvers=4

sudo sysctl vfs.nfs.enable_uidtostring=1

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

pf_enable="YES"
pflog_enable="YES"

sudo pfctl -e
sudo service pf restart
sudo service pflog restart
# sudo service pfsync restart
sudo pfctl -F all -f /etc/pf.conf
sudo service pf reload
sudo pfctl -a '*' -s rules

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

blacklistd_enable="YES"
blacklistd_flags="-r -f"

sudo service blacklistd restart
sudo service sshd restart

sudo pkill -USR1 blacklistd
sudo pkill -HUP blacklistd
/etc/blacklistd.conf

sudo blacklistctl dump -ar

sudo pfctl -a '*' -sr
sudo pfctl -a 'blacklistd/22' -t port22 -T show

pfctl -a blacklistd/22 -t port22 -T delete "$1"

1
2
3

sudo touch /usr/local/bin/iamgoodguy
sudo chown `whoami` /usr/local/bin/iamgoodguy
chmod +x /usr/local/bin/iamgoodguy