rpcbind opening random insecure(?) ports?
Arthur Chance
freebsd at qeng-ho.org
Wed Sep 2 15:44:46 UTC 2020
I have a multi-homed server that I use, amongst other things, as an NFS
server for my lan. To stop them being visible on the other interfaces
rpcbind, nfsd and mountd all have -h command arguments restricting them
to the lan's IPv4 and IPv6 addresses. This works fine for nfsd and
mountd, but sockstat -l shows rpcbind opening unrestricted ports
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root rpcbind 18959 5 stream /var/run/rpcbind.sock
root rpcbind 18959 6 udp6 ::1:111 *:*
root rpcbind 18959 7 udp6 2a02:8010:64c9:1::3:111 *:*
root rpcbind 18959 8 udp6 *:765 *:*
root rpcbind 18959 9 tcp6 ::1:111 *:*
root rpcbind 18959 10 tcp6 2a02:8010:64c9:1::3:111 *:*
root rpcbind 18959 11 udp4 127.0.0.1:111 *:*
root rpcbind 18959 12 udp4 172.23.1.3:111 *:*
root rpcbind 18959 13 udp4 *:778 *:*
root rpcbind 18959 14 tcp4 127.0.0.1:111 *:*
root rpcbind 18959 15 tcp4 172.23.1.3:111 *:*
root rpcbind 18959 17 udp6 *:* *:*
Note the *:765 and *:* ports listening on udp6 and *:778 port on udp4.
Why is it doing this and how do I stop it?
This is on amd64 12.1-RELEASE-p8, not using NFSv4.
--
The number of people predicting the demise of Moore's Law doubles
every 18 months.
More information about the freebsd-questions
mailing list