RPC Traffic
SunScreen EFS 3.0 contains a state engine to handle the RPC protocols. This can safely screen RPC protocols as long as they use the portmapper and do not use dynamic RPC program values.
If you need to define a new RPC service, define a new service entry using both the rpc_udp and pmap_udp state engines. You specify the well-known RPC program of the RPC service you wish to pass. If you specify "*" for the RPC program, this means it passes all RPC services regardless of program.
Several well-known RPC services such as NFS and NIS have been defined to include all the RPC and non-RPC protocols that these systems require.
Some NFS clients use the lock manager. Since a lock manager makes connections in both directions (to NFS server and from NFS server) you m ay need to use the "nlm" service when you allow NFS access.
Broadcast port mapping (NIS) is not supported for encrypted connections.
- © 2010, Oracle Corporation and/or its affiliates