| 1 |
On Wednesday 04 October 2006 15:14, Michael Sullivan wrote: |
| 2 |
> How do I discover (or define) which port numbers NFS uses, and whether |
| 3 |
> they are TCP or UDP so that I can let them through my firewall? |
| 4 |
|
| 5 |
|
| 6 |
You can manually assign nfs port numbers. |
| 7 |
|
| 8 |
First stop is: /etc/conf.d/nfs. |
| 9 |
|
| 10 |
I set THE following options: |
| 11 |
|
| 12 |
RPCMOUNTDOPTS="-P 4002" |
| 13 |
RPCSTATDOPTS="-p 4000" |
| 14 |
|
| 15 |
Second stop is /etc/sysctl.conf. |
| 16 |
|
| 17 |
I set the following options: |
| 18 |
fs.nfs.nlm_tcpport=4001 |
| 19 |
fs.nfs.nlm_udpport=4001 |
| 20 |
|
| 21 |
Third stop is the kernel sources. The nfs modules must be compiled into the |
| 22 |
kernel, not as modules if you want the changed in sysctl.conf to be set |
| 23 |
correctly at boot time. |
| 24 |
|
| 25 |
Once this is satisfied... after a reboot, rpcinfo returns: |
| 26 |
|
| 27 |
program vers proto port |
| 28 |
100000 2 tcp 111 portmapper |
| 29 |
100000 2 udp 111 portmapper |
| 30 |
100024 1 udp 4000 status |
| 31 |
100024 1 tcp 4000 status |
| 32 |
100003 2 udp 2049 nfs |
| 33 |
100003 3 udp 2049 nfs |
| 34 |
100003 4 udp 2049 nfs |
| 35 |
100003 2 tcp 2049 nfs |
| 36 |
100003 3 tcp 2049 nfs |
| 37 |
100003 4 tcp 2049 nfs |
| 38 |
100021 1 udp 4001 nlockmgr |
| 39 |
100021 3 udp 4001 nlockmgr |
| 40 |
100021 4 udp 4001 nlockmgr |
| 41 |
100021 1 tcp 4001 nlockmgr |
| 42 |
100021 3 tcp 4001 nlockmgr |
| 43 |
100021 4 tcp 4001 nlockmgr |
| 44 |
100005 1 udp 4002 mountd |
| 45 |
100005 1 tcp 4002 mountd |
| 46 |
100005 2 udp 4002 mountd |
| 47 |
100005 2 tcp 4002 mountd |
| 48 |
100005 3 udp 4002 mountd |
| 49 |
100005 3 tcp 4002 mountd |
| 50 |
|
| 51 |
Nfs will use only those ports now and very easily accessed through a firewall. |
| 52 |
|
| 53 |
Cheers. |
| 54 |
|
| 55 |
-- |
| 56 |
gentoo-user@g.o mailing list |
Archives