Hong Tian said:
> Hi,
>
> I am working with an NFS server on Red Hat 7.3. For security reasons I want to
> use IPCHAINS to restrict TCP/UDP ports. Now the question is how many
> ports should be opened for an NFS server? Only port 111, port 635, and port
> 2049?
> Thanks for your help.

NFS depends upon RPC services, and some of those RPC services use random ports when they start. What I do:

    PORTS="`rpcinfo -p | awk '{print $4}' | grep '[0-9]'`"
    for rpcport in $PORTS
    do
        /sbin/ipchains -A input -s 0/0 -d 0/0 $rpcport -j REJECT -p tcp -i eth0
        /sbin/ipchains -A input -s 0/0 -d 0/0 $rpcport -j REJECT -p udp -i eth0
    done

(Change REJECT to ACCEPT if your firewall is default deny.)

nate
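
An added example, not part of nate's message: the same idea of deriving rules from `rpcinfo -p`, extended to use the proto column so each port gets a rule only for the protocol it is registered on, with repeated rows collapsed. The function names `sample_rpcinfo` and `rpc_rules` are hypothetical, the `rpcinfo -p` listing is constructed, and the script only prints rules rather than applying them.

```shell
#!/bin/sh
# Added example: prints ipchains rules, does not apply them.

# Constructed sample of `rpcinfo -p` output (not captured from a real host).
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32768  status
    100024    1   tcp  32768  status
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100005    1   udp  32771  mountd
    100005    2   udp  32771  mountd
    100005    1   tcp  32772  mountd
    100021    1   udp  32769  nlockmgr
EOF
}

# rpc_rules [TARGET] [IFACE]: read `rpcinfo -p` output on stdin and print one
# rule per unique proto/port pair, using the same flag layout as the reply.
rpc_rules() {
    target=${1:-REJECT}
    iface=${2:-eth0}
    awk -v target="$target" -v iface="$iface" '
        # Data rows only: numeric program, tcp or udp, port within 1..65535.
        $1 ~ /^[0-9]+$/ && ($3 == "tcp" || $3 == "udp") &&
        $4 ~ /^[0-9]+$/ && $4 >= 1 && $4 <= 65535 {
            key = $3 " " $4
            if (!(key in seen)) {   # drop repeats (one row per program version)
                seen[key] = 1
                printf "/sbin/ipchains -A input -s 0/0 -d 0/0 %s -j %s -p %s -i %s\n",
                       $4, target, $3, iface
            }
        }'
}

# Stand-alone run: show the rules for the constructed sample.
sample_rpcinfo | rpc_rules ACCEPT eth0
```

Because the randomly assigned ports are chosen when the RPC services start, rules generated this way have to be regenerated whenever those services are restarted.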