On Wednesday 04 October 2006 15:14, Michael Sullivan wrote:
> How do I discover (or define) which port numbers NFS uses, and whether
> they are TCP or UDP so that I can let them through my firewall?
You can manually assign nfs port numbers.
First stop is: /etc/conf.d/nfs.
I set the following options:
RPCMOUNTDOPTS="-P 4002"
RPCSTATDOPTS="-p 4000"
Second stop is /etc/sysctl.conf.
I set the following options:
fs.nfs.nlm_tcpport=4001
fs.nfs.nlm_udpport=4001
Third stop is the kernel sources. The nfs modules must be compiled into the
kernel, not as modules, if you want the changes in sysctl.conf to be set
correctly at boot time.
Once this is satisfied... after a reboot, rpcinfo returns:
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp   4000  status
    100024    1   tcp   4000  status
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100021    1   udp   4001  nlockmgr
    100021    3   udp   4001  nlockmgr
    100021    4   udp   4001  nlockmgr
    100021    1   tcp   4001  nlockmgr
    100021    3   tcp   4001  nlockmgr
    100021    4   tcp   4001  nlockmgr
    100005    1   udp   4002  mountd
    100005    1   tcp   4002  mountd
    100005    2   udp   4002  mountd
    100005    2   tcp   4002  mountd
    100005    3   udp   4002  mountd
    100005    3   tcp   4002  mountd
NFS will use only those ports now and is very easily accessed through a firewall.
Cheers.
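Added example, not part of the original post: a shell sketch that turns rpcinfo -p output like the listing above into one iptables ACCEPT rule per unique protocol/port pair, and lists any service registered outside the pinned ports. The function names, the CLIENT_NET variable and its 192.0.2.0/24 value are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: derive firewall rules from `rpcinfo -p` output.
# CLIENT_NET is a constructed placeholder (documentation range), not from the post.
CLIENT_NET="${CLIENT_NET:-192.0.2.0/24}"

# Reads rpcinfo -p output on stdin; prints one rule per unique proto/port pair.
nfs_fw_rules() {
    awk -v net="$CLIENT_NET" '
        # Data rows: program number, version, proto, port, service name
        $1 ~ /^[0-9]+$/ && ($3 == "tcp" || $3 == "udp") && $4 ~ /^[0-9]+$/ {
            key = $3 "/" $4
            if (!(key in seen)) { seen[key] = 1; order[++n] = key; svc[key] = $5 }
        }
        END {
            for (i = 1; i <= n; i++) {
                split(order[i], a, "/")
                printf "iptables -A INPUT -s %s -p %s --dport %s -j ACCEPT  # %s\n", net, a[1], a[2], svc[order[i]]
            }
        }'
}

# Lists services registered on a port outside the expected set ($1, space-separated).
nfs_unpinned() {
    awk -v ports="$1" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) ok[p[i]] = 1 }
        $1 ~ /^[0-9]+$/ && !($4 in ok) {
            key = $3 "/" $4
            if (!(key in seen)) { seen[key] = 1; print $5 " " key }
        }'
}

# Constructed sample: a subset of the rpcinfo listing from the post.
SAMPLE='program vers proto port
100000 2 tcp 111 portmapper
100024 1 udp 4000 status
100024 1 tcp 4000 status
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 3 tcp 2049 nfs
100021 4 udp 4001 nlockmgr
100021 4 tcp 4001 nlockmgr
100005 3 udp 4002 mountd
100005 3 tcp 4002 mountd'

printf '%s\n' "$SAMPLE" | nfs_fw_rules
```

On a live server, pipe rpcinfo -p into nfs_fw_rules and review the printed rules before loading them; an empty result from nfs_unpinned "111 2049 4000 4001 4002" after a reboot confirms the settings took effect.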