[OpenAFS] firewalling OpenAFS ports
Jerome Asselin
asselinj@exchange.umontreal.ca
Thu, 16 Jun 2005 15:35:29 -0400
Has anyone some iptables scripts to protect OpenAFS ports? I use the
standard AFS authentication method (*not* kerberos). Below are the ports
which are being used. I'm not sure which ones must be allowed to pass
through.
Thanks,
Jerome
# netstat -ntpl
tcp 0 0 127.0.0.1:2040 0.0.0.0:* LISTEN 16555/fileserver
# netstat -nupl
udp 0 0 0.0.0.0:32915 0.0.0.0:* 16554/upclient
udp 0 0 0.0.0.0:32916 0.0.0.0:* 16633/3
udp 0 0 0.0.0.0:88 0.0.0.0:* 16560/kaserver
udp 0 0 0.0.0.0:7000 0.0.0.0:* 16555/fileserver
udp 0 0 0.0.0.0:7001 0.0.0.0:* -
udp 0 0 0.0.0.0:7002 0.0.0.0:* 16562/ptserver
udp 0 0 0.0.0.0:7003 0.0.0.0:* 16565/vlserver
udp 0 0 0.0.0.0:7004 0.0.0.0:* 16560/kaserver
udp 0 0 0.0.0.0:7005 0.0.0.0:* 16559/volserver
udp 0 0 0.0.0.0:7007 0.0.0.0:* 16550/bosserver
udp 0 0 0.0.0.0:7021 0.0.0.0:* 16561/buserver
udp 0 0 0.0.0.0:750 0.0.0.0:* 16560/kaserver
--
Jerome Asselin, Agent de recherche, RHCE
CHUM -- Centre de recherche
3875 rue St-Urbain, 3e etage // Montreal QC H2W 1V1
Tel.: 514-890-8000 Poste 15914; Fax: 514-412-7106