This repository has been archived by the owner on Feb 8, 2024. It is now read-only.

Provisioner Configured Ports In System Firewall

Yashodhan Pise edited this page Dec 22, 2020 · 1 revision

Enable and Disable Ports For S3 Services On Public Data Network

The following ports are used by S3 services and, per LDR-R1 requirements, must be blocked at the firewall from any external client:
Port 80 - S3 IO
Port 9080 - S3 IAM
These are disabled by default by the Provisioner.

Manually configuring S3 ports

Enable Ports:

However, if a user needs these ports open, the commands below can be executed at run time as a workaround.

sudo salt '*' cmd.run "firewall-cmd --zone=public-data-zone --add-port=80/tcp"
sudo salt '*' cmd.run "firewall-cmd --zone=public-data-zone --add-port=9080/tcp"

Disable Ports:

In order to disable the ports without rebooting, the following CLI commands can be executed:

sudo salt '*' cmd.run "firewall-cmd --zone=public-data-zone --remove-port=80/tcp"
sudo salt '*' cmd.run "firewall-cmd --zone=public-data-zone --remove-port=9080/tcp"

Note:
These commands are executed on the command line as a run-time change, and they remain in effect only until the server reboots.
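
Because the enable commands above can leave ports 80 and 9080 open until the next reboot, a check like the following can confirm the zone is back to the default policy. This is an added example, not Provisioner code: the function names and sample strings are hypothetical, and it assumes the space-separated `port/proto` and `low-high/proto` entries that `firewall-cmd --list-ports` prints.

```shell
#!/bin/sh
# Added example, not Provisioner code: detect S3 ports that this page says must
# stay closed on the public data network, from `firewall-cmd --list-ports` output.

RESTRICTED_PORTS="80/tcp 9080/tcp"   # Port 80 - S3 IO, Port 9080 - S3 IAM

# Constructed sample outputs (not captured from a real system).
SAMPLE_DEFAULT="443/tcp 7081/tcp 8081/tcp"
SAMPLE_OPENED="443/tcp 80/tcp 9080/tcp"
SAMPLE_RANGE="1-1024/tcp 9080/udp"     # a range can expose port 80 implicitly

# exposed_restricted_ports "<list-ports output>"
# Prints every restricted port the zone has open, one per line.
# Entries are "port/proto" or "low-high/proto". The ( ) body runs in a subshell,
# so set -f and the loop variables do not leak into the caller.
exposed_restricted_ports() (
    set -f                              # no glob expansion of the input words
    for want in $RESTRICTED_PORTS; do
        port="${want%/*}"
        for entry in $1; do
            [ "${entry#*/}" = "${want#*/}" ] || continue   # protocol must match
            spec="${entry%/*}"
            low="${spec%-*}"            # "80" -> 80, "1-1024" -> 1
            high="${spec#*-}"           # "80" -> 80, "1-1024" -> 1024
            case "$low" in ''|*[!0-9]*) continue ;; esac   # skip non-numeric
            case "$high" in ''|*[!0-9]*) continue ;; esac
            if [ "$port" -ge "$low" ] && [ "$port" -le "$high" ]; then
                echo "$want"
                break
            fi
        done
    done
)

# audit_zone_ports "<list-ports output>": returns 1 if a restricted port is open.
audit_zone_ports() {
    audit_exposed="$(exposed_restricted_ports "$1")"
    if [ -n "$audit_exposed" ]; then
        echo "restricted S3 ports open:" $audit_exposed >&2
        return 1
    fi
    return 0
}

# On a node: audit_zone_ports "$(sudo firewall-cmd --zone=public-data-zone --list-ports)"
audit_zone_ports "$SAMPLE_RANGE" || echo "sample: zone violates the default policy"
```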

Current Active Ports:

The following is a list of all ports, with their associated services, that are currently active and open in the Provisioner firewalld configuration.

Service - Consul

8600/tcp
8600/udp
8500/tcp
8301/tcp
8301/udp
8302/tcp
8302/udp 
8300/tcp

Service - CSM

28100/tcp
28101/tcp
28102/tcp
28103/tcp

Service - Dhclient

68/udp

Service - Dhserver

67/udp

Service - Elasticsearch

9200/tcp
9300/tcp

Service - Hare

8008/tcp

Service - Lnet

988/tcp

Service - NFS

2049/tcp
2049/udp
32803/tcp
892/tcp
875/tcp

Service - NTPD

123/udp

Service - SMTP

25/tcp

Service - RabbitMQ - epmd

4369/tcp

Service - RabbitMQ - AMQP 0-9-1 and 1.0 clients without and with TLS

5671/tcp
5672/tcp

Service - RabbitMQ - inter-node and CLI tools communication

25672/tcp

Service - RabbitMQ - CLI tools (Erlang distribution client ports) for communication with nodes

35672/tcp
35673/tcp
35674/tcp
35675/tcp
35676/tcp
35677/tcp
35678/tcp
35679/tcp
35680/tcp 
35681/tcp

Service - RabbitMQ - HTTP API clients, management UI and rabbitmqadmin

15672/tcp

Service - OpenLDAP

389/tcp

Service - S3

7081/tcp
8081/tcp
8082/tcp 
8083/tcp
8090/tcp
8091/tcp
8092/tcp
8093/tcp
8094/tcp
8095/tcp
8096/tcp
8097/tcp
8098/tcp 
514/tcp
514/udp
8125/tcp
6379/tcp
9443/tcp
9086/tcp

Service - Saltmaster

4505/tcp
4506/tcp

Service - UDS

5000/tcp

Service - UDS - expose websocket servers

3535/tcp
4000/tcp

Service - UDS - to advertise remote volumes over UDP multicast

5125/udp

Service - WWW - https secure port

443/tcp