Hi, On Thursday 04 October 2001 13:08, you wrote:
* Kurt Seifried wrote on Thu, Oct 04, 2001 at 03:47 -0600:
rpc is 111. nfs is 2049.
On _your_ linux host running kfsd this may be true. But I couldn't firewall it, since it may change. IIRC uses user-space NFS a different port, for instance.
No. User-space NFS uses 2049. Just make sure it is listed in /etc/services, it will happily use that port.
rpc services are typically dynamic (although many are also static).
[snipped]
Of course. And to go for sure, I have to open all other ports, since RPC may use port 998 oder 2048. Open all ports is not a nice firewall :)
Do you mean mountd? Well, rpc.mountd uses random ports _unless_ you put a fixed port in /etc/services. E.g. mount 755/tcp mount 755/udp would mean rpc.mountd will _always_ use this port. Makes firewalling much easier. I'm not sure if you can trick other rpc services in the same way, but I haven't checked them all. I know for sure it's working for mountd.
oki,
Steffen
Regards, Martin -- Martin Leweling Institut fuer Planetologie, WWU Muenster Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany