Petr Janda wrote: > Oliver Fromme wrote: > > Petr Janda wrote: > > > Im trying to find some page documenting which ports NFS uses. I know it > > > uses dynamic ports. Also is there anyway to make the ports static so I > > > can just open a few ports in my firewall and thats it. > > > > Basically two port numbers are involved, one for the mount > > protocol, and one for the actual NFS traffic. The latter > > is always 2049 by convention, but the former is allocated > > dynamically on some port below 1024 by default. However, > > mountd(8) has an option -p which specifies a fixed port > > number. So you simply have to start mountd(8) with that > > option and choose a fixed, unused port number below 1024. > > Then allow that port number and 2049 in your firewall. > > Im just looking at the output of rpcinfo -p and there seems to be a > whole bunch of ports like portmap , nlockmgr and others. What about them? > Petr
Sorry, I forgot to mention ... The portmap (a.k.a. rpcbind) itself is always on Port 111, so there's no problem. Just add port 111 to pass in your firewall, too. The rest is optional and only required when using rpc.lockd and rpc.statd. NFS locking is pretty much broken anyway, so I never use them. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way.
