1 |
On Wednesday 04 October 2006 15:14, Michael Sullivan wrote: |
2 |
> How do I discover (or define) which port numbers NFS uses, and whether |
3 |
> they are TCP or UDP so that I can let them through my firewall? |
4 |
|
5 |
|
6 |
You can manually assign nfs port numbers. |
7 |
|
8 |
First stop is: /etc/conf.d/nfs. |
9 |
|
10 |
I set THE following options: |
11 |
|
12 |
RPCMOUNTDOPTS="-P 4002" |
13 |
RPCSTATDOPTS="-p 4000" |
14 |
|
15 |
Second stop is /etc/sysctl.conf. |
16 |
|
17 |
I set the following options: |
18 |
fs.nfs.nlm_tcpport=4001 |
19 |
fs.nfs.nlm_udpport=4001 |
20 |
|
21 |
Third stop is the kernel sources. The nfs modules must be compiled into the |
22 |
kernel, not as modules if you want the changed in sysctl.conf to be set |
23 |
correctly at boot time. |
24 |
|
25 |
Once this is satisfied... after a reboot, rpcinfo returns: |
26 |
|
27 |
program vers proto port |
28 |
100000 2 tcp 111 portmapper |
29 |
100000 2 udp 111 portmapper |
30 |
100024 1 udp 4000 status |
31 |
100024 1 tcp 4000 status |
32 |
100003 2 udp 2049 nfs |
33 |
100003 3 udp 2049 nfs |
34 |
100003 4 udp 2049 nfs |
35 |
100003 2 tcp 2049 nfs |
36 |
100003 3 tcp 2049 nfs |
37 |
100003 4 tcp 2049 nfs |
38 |
100021 1 udp 4001 nlockmgr |
39 |
100021 3 udp 4001 nlockmgr |
40 |
100021 4 udp 4001 nlockmgr |
41 |
100021 1 tcp 4001 nlockmgr |
42 |
100021 3 tcp 4001 nlockmgr |
43 |
100021 4 tcp 4001 nlockmgr |
44 |
100005 1 udp 4002 mountd |
45 |
100005 1 tcp 4002 mountd |
46 |
100005 2 udp 4002 mountd |
47 |
100005 2 tcp 4002 mountd |
48 |
100005 3 udp 4002 mountd |
49 |
100005 3 tcp 4002 mountd |
50 |
|
51 |
Nfs will use only those ports now and very easily accessed through a firewall. |
52 |
|
53 |
Cheers. |
54 |
|
55 |
-- |
56 |
gentoo-user@g.o mailing list |