Hello All, With autofs on Red Hat/Centos, the" /net -hosts" special map allows all NFS resources exported by all accessible NFS servers to get mounted under the /net directory without explicitly mounting each one of them. E.g. accessing /net/host1 will instruct autofs to mount all available resources on host1. At first, it didn't work. E.g. if I run cd /net/host1 I have always got "No such file or directory". After running tcpdump to analyse the packets, I discovered that this particular feature uses sunrpc (port 111) and a random UDP port (30000 above). The problem is how I set iptables rule for this random port. I know I can specify a port range like --dport 30000:60000, but this is not a safe way to configure a firewall. Cheers, Bill