Date: Wed, 2 Sep 2020 16:58:45 +0100
From: Arthur Chance <freebsd@qeng-ho.org>
To: Yuri Pankov <ypankov@xsmail.com>, FreeBSD-Questions <freebsd-questions@freebsd.org>
Subject: Re: rpcbind opening random insecure(?) ports?
Message-ID: <09031802-22b8-a0d8-0692-7ec0cbb51057@qeng-ho.org>
In-Reply-To: <ed26cef6-38c6-32da-e2b4-8759262c74e6@xsmail.com>
References: <6831e7a5-dc1c-2495-b2ce-a5d1eae6606c@qeng-ho.org> <ed26cef6-38c6-32da-e2b4-8759262c74e6@xsmail.com>

On 02/09/2020 16:55, Yuri Pankov wrote:
> Arthur Chance wrote:
>> I have a multi-homed server that I use, amongst other things, as an NFS
>> server for my lan. To stop them being visible on the other interfaces
>> rpcbind, nfsd and mountd all have -h command arguments restricting them
>> to the lan's IPv4 and IPv6 addresses. This works fine for nfsd and
>> mountd, but sockstat -l shows rpcbind opening unrestricted ports
>>
>> USER  COMMAND  PID    FD  PROTO   LOCAL ADDRESS            FOREIGN ADDRESS
>> root  rpcbind  18959  5   stream  /var/run/rpcbind.sock
>> root  rpcbind  18959  6   udp6    ::1:111                  *:*
>> root  rpcbind  18959  7   udp6    2a02:8010:64c9:1::3:111  *:*
>> root  rpcbind  18959  8   udp6    *:765                    *:*
>> root  rpcbind  18959  9   tcp6    ::1:111                  *:*
>> root  rpcbind  18959  10  tcp6    2a02:8010:64c9:1::3:111  *:*
>> root  rpcbind  18959  11  udp4    127.0.0.1:111            *:*
>> root  rpcbind  18959  12  udp4    172.23.1.3:111           *:*
>> root  rpcbind  18959  13  udp4    *:778                    *:*
>> root  rpcbind  18959  14  tcp4    127.0.0.1:111            *:*
>> root  rpcbind  18959  15  tcp4    172.23.1.3:111           *:*
>> root  rpcbind  18959  17  udp6    *:*                      *:*
>>
>> Note the *:765 and *:* ports listening on udp6 and *:778 port on udp4.
>>
>> Why is it doing this and how do I stop it?
>>
>> This is on amd64 12.1-RELEASE-p8, not using NFSv4.
>
> What does `rpcinfo -p` think about it?

It only shows the port 111 sockets:

root@nas:0# rpcinfo -p
   program  vers  proto  port  service
    100000     4  tcp     111  rpcbind
    100000     3  tcp     111  rpcbind
    100000     2  tcp     111  rpcbind
    100000     4  udp     111  rpcbind
    100000     3  udp     111  rpcbind
    100000     2  udp     111  rpcbind
    100000     4  local   111  rpcbind
    100000     3  local   111  rpcbind
    100000     2  local   111  rpcbind
    100005     1  udp     954  mountd
    100005     3  udp     954  mountd
    100005     1  tcp     954  mountd
    100005     3  tcp     954  mountd
    100003     2  udp    2049  nfs
    100003     3  udp    2049  nfs
    100003     2  tcp    2049  nfs
    100003     3  tcp    2049  nfs

-- 
The number of people predicting the demise of Moore's Law doubles every
18 months.
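
The comparison made by hand in this message (wildcard-bound sockets in `sockstat -l` against what `rpcinfo -p` reports) can be scripted as an audit check. This is an added example, not part of the original message or of FreeBSD; the function names are hypothetical, and the sample text is an excerpt of the output quoted above.

```python
# Excerpts of the `sockstat -l` and `rpcinfo -p` output quoted in the message.
SOCKSTAT = """\
root rpcbind 18959 5 stream /var/run/rpcbind.sock
root rpcbind 18959 7 udp6 2a02:8010:64c9:1::3:111 *:*
root rpcbind 18959 8 udp6 *:765 *:*
root rpcbind 18959 12 udp4 172.23.1.3:111 *:*
root rpcbind 18959 13 udp4 *:778 *:*
root rpcbind 18959 15 tcp4 172.23.1.3:111 *:*
root rpcbind 18959 17 udp6 *:* *:*
"""
RPCINFO = """\
program vers proto port service
100000 4 tcp 111 rpcbind
100000 4 udp 111 rpcbind
100005 3 udp 954 mountd
100003 3 udp 2049 nfs
"""


def wildcard_listeners(sockstat_text, command):
    """Return (proto, port) for inet sockets of `command` bound to '*'."""
    found = []
    for line in sockstat_text.splitlines():
        f = line.split()
        # USER COMMAND PID FD PROTO LOCAL [FOREIGN]; skip header and unix sockets
        if len(f) < 6 or f[1] != command or f[4][:3] not in ("udp", "tcp"):
            continue
        host, _, port = f[5].rpartition(":")  # last colon, so IPv6 hosts survive
        if host == "*":
            found.append((f[4], port))
    return found


def registered_ports(rpcinfo_text):
    """Return the (transport, port) pairs that rpcinfo -p reports."""
    rows = (line.split() for line in rpcinfo_text.splitlines())
    return {(f[2], f[3]) for f in rows if len(f) >= 4 and f[3].isdigit()}


def unexplained(sockstat_text, rpcinfo_text, command):
    """Wildcard-bound sockets of `command` that rpcinfo does not account for."""
    regs = registered_ports(rpcinfo_text)
    return [(p, port) for p, port in wildcard_listeners(sockstat_text, command)
            if (p[:3], port) not in regs]


if __name__ == "__main__":
    for proto, port in unexplained(SOCKSTAT, RPCINFO, "rpcbind"):
        print(f"rpcbind: {proto} *:{port} is bound to all addresses, not in rpcinfo -p")
```

On the excerpt it flags the same three sockets the original poster pointed out: `*:765` and `*:*` on udp6, and `*:778` on udp4.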