Get the most out of your Centmin Mod LEMP stack
Become a Member

Stable Branch remove ports 111 & 2049 from CSF Firewall whitelist by default

Discussion in 'Centmin Mod Github Commits' started by eva2000, Sep 9, 2015.

  1. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    12:18 AM
    Nginx 1.13.x
    MariaDB 5.5
    remove ports 111 & 2049 from CSF Firewall whitelist by default

    remove RPC/portmapper and NFS ports 111 and 2049 from CSF Firewall whitelist by default so that folks who
    only need it can open it up to specific server IP addresses see advance CSF Firewall rules at CSF - CSF Firewall info | Centmin Mod Community
    examples for allowing 111, 2049 TCP/UDP ports for only source/destination IP = 11.22.33.44 to be added to /etc/csf/csf.allow
    restart of CSF service is required

    tcp|in|d=111|s=11.22.33.44
    tcp|in|d=2049|s=11.22.33.44
    tcp|out|d=111|d=11.22.33.44
    tcp|out|d=2049|d=11.22.33.44
    udp|in|d=111|s=11.22.33.44
    udp|in|d=2049|s=11.22.33.44
    udp|out|d=111|d=11.22.33.44
    udp|out|d=2049|d=11.22.33.44

    only remove ports 111, 2049 from TCP/UDP whitelist if detected NFS package not installed

    On updated Centmin Mod 123.08stable and 123.09beta01 and higher, just running centmin.sh again will auto remove the ports then you either manually restart CSF Firewall or wait for next CSF Firewall daily auto update to trigger the restart

    Continue reading...

    Centmin Mod Github Current Stable branch

     
    Last edited: Sep 9, 2015