portmap(8) - NetBSD Manual Pages

Command: Section: Arch: Collection:   
PORTMAP(8)              NetBSD System Manager's Manual              PORTMAP(8)


NAME

     portmap - RPC program number to DARPA port mapper


SYNOPSIS

     portmap [-dils]


DESCRIPTION

     portmap is a server that converts RPC program numbers into DARPA protocol
     port numbers.  It must be running in order to make RPC calls.

     When an RPC server is started, it will tell portmap what port number it
     is listening to, and what RPC program numbers it is prepared to serve.
     When a client wishes to make an RPC call to a given program number, it
     will first contact portmap on the server machine to determine the port
     number where RPC packets should be sent.

     portmap must be started before any RPC servers are invoked.

     Normally portmap forks and dissociates itself from the terminal like any
     other daemon.  portmap then logs errors using syslog(3).

     portmap uses libwrap style access control (the /etc/hosts.allow and
     /etc/hosts.deny files) to control access to the portmapper itself and
     control forwarding of requests.  This prevents clients from using portmap
     to circumvent host-based services in individual services.

     Available options:

     -d      prevents portmap from running as a daemon, and causes errors and
             debugging information to be printed to the standard error output.

     -i      ``insecure'' mode. Allows calls to PMAPPROC_SET and PMAPPROC_UN-
             SET from any host. Normally portmap accepts these requests only
             from the loopback interface for security reasons.  This change is
             necessary for programs that were compiled with earlier versions
             of the rpc library and do not make those requests using the loop-
             back interface.

     -l      Turns on libwrap connection logging.

     -p      prevents indirect calls to a short list of sensitive services,
             including NFS and NIS.

     -s      causes portmap to change to the user daemon as soon as possible.
             This causes portmap to use non-privileged ports for outgoing con-
             nections, preventing non-privileged clients from using portmap to
             connect to services from a privileged port.


SEE ALSO

     inetd.conf(5), rpcinfo(8), inetd(8), syslog(3), hosts_access(5),
     hosts_options(5)


BUGS

     If portmap crashes, all servers must be restarted.


HISTORY

     The portmap command appeared in 4.3BSD.  The security features documented
     herein derive from work by Wietse Venema at Eindhoven University of Tech-
     nology, The Netherlands, and first appeared in NetBSD 1.4.

NetBSD 1.4                       June 6, 1993                                1
Powered by man-cgi (2024-03-20). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.