Bright:Shorewall:port open

Internal Networks

There is no need to change the firewall to open ports onto the internal network - They will be open by default.

External Networks

By default only ports 22 (ssh, 8081 (cm manager) and 8080 (httpd) are open by default.

A number of rules have been added to the file and disabled to open other ports. These can simply be enabled to open the relevent ports to the external network (net zone). as an xample to open ports for nfs mounts i would un comment these lines:

<syntaxhighlight> ACCEPT net fw tcp 111 # portmapper ACCEPT net fw udp 111 ACCEPT net fw tcp 2049 # nfsd ACCEPT net fw udp 2049 ACCEPT net fw tcp 4000 # statd ACCEPT net fw udp 4000 ACCEPT net fw tcp 4001 # lockd ACCEPT net fw udp 4001 ACCEPT net fw udp 4005 ACCEPT net fw tcp 4002 # mountd ACCEPT net fw udp 4002 ACCEPT net fw tcp 4003 # rquotad ACCEPT net fw udp 4003 <syntaxhighlight>