which ports do i open for nfs?

IPFW, PF, IPF (but not limited) related discussion

which ports do i open for nfs?

Postby wonslung » 30 Jun 2009, 12:24

I did a search before i posted this and i can't seem to find a definitive answer.

I'm using pf as my firewall, this is a single interface machine without nat. I just need to open the correct nfs listening ports.

here is my pf.conf SO FAR for this machine.
i have a second loopback device called lo1 to allow some stuff to communicate between jails (mysql, apache)

Code: Select all
#defined services
tcp_services = "{ssh, smtp, domain, ftp, www, pop3, auth, https, pop3s, 137, 138, 139, 51500, 10000 }"
udp_services = "{ domain, ftp, ntp, 137, 138, 139, 1900 }"

#interface for all ip's on em0
int="re0"

#log interface

set loginterface $int

#default block rule
block all

#allow traffic to/from localhost
pass in quick on lo0 all
pass in quick on lo1 all
pass out quick on lo0 all
pass out quick on lo1 all

#default pass in for our defined services

pass in on $int proto tcp from any to any port $tcp_services keep state
pass in on $int proto udp from any to any port $udp_services keep state


#pass in for all torrentflux-b4rt services
pass in quick on $int proto tcp from any to any port 49160:49300 keep state

# allow everything else out
pass out on $int proto tcp from any to any keep state
pass out on $int proto udp from any to any keep state
wonslung
Member
 
Posts: 850
Joined: 07 May 2009, 00:15

Postby DutchDaemon » 30 Jun 2009, 12:34

Usually 111 (tcp/udp) and 2049 (tcp/udp).

A somewhat more complete list would be:

Code: Select all
sunrpc      111/tcp      rpcbind   #SUN Remote Procedure Call
sunrpc      111/udp      rpcbind   #SUN Remote Procedure Call
nfsd-status   1110/tcp   #Cluster status info
nfsd-keepalive   1110/udp   #Client status info
nfsd      2049/tcp   nfs      # NFS server daemon
nfsd      2049/udp   nfs      # NFS server daemon
lockd      4045/udp   # NFS lock daemon/manager
lockd      4045/tcp
User avatar
DutchDaemon
Old Fart
 
Posts: 10467
Joined: 16 Nov 2008, 20:17
Location: The Netherlands


Return to Firewalls

Who is online

Users browsing this forum: No registered users and 0 guests