NFS HOWTO : Security and NFS : NFS and firewalls
Previous: Server security: the portmapper
Next: Summary

6.4. NFS and firewalls

It's a very good idea to firewall the nfs and portmap ports in your router or firewall. The nfsd operates at port 2049, both udp and tcp protocols. The portmapper at port 111, tcp and udp, and mountd at port 745 and and 747, tcp and udp. Normally. You should check the ports with the rpcinfo -p command.

If on the other hand you want NFS to go through a firewall there are options for newer NFSds and mountds to make them use a specific (nonstandard) port which can be open in the firewall.


NFS HOWTO : Security and NFS : NFS and firewalls
Previous: Server security: the portmapper
Next: Summary