portmap(1M)

portmap(1M) portmap(1M)

NAME
portmap - RPC program number to universal address mapper

SYNOPSIS
/usr/etc/portmap [ -vmwAbC ] [ -f forkcnt ] [ -l backlog ] [ -a mask,match | -a match ]

DESCRIPTION
portmap is a server that converts RPC program numbers into the universal
addresses. It must be running in order to make RPC calls.

When an RPC server is started, it tells portmap what address it is
listening to and what RPC program numbers it is prepared to serve. When a
client wishes to make an RPC call to a given program number, it first
contacts portmap on the server machine to determine the address where RPC
calls should be sent.

After portmap starts, inetd(1M) can register its standard RPC servers.

Options to customize portmap's behavior are read from the file
/etc/config/portmap.options during system initialization. The options
are:

-v Verbose: prints error messages using syslog(3B) when a service fails
or when an unprivileged process or remote host tries to set or unset
a port mapping.

-f forkcnt
This option is ignored and provided only for the compatibility with
the old portmap implementations.

-l backlog
This option is ignored and provided only for compatibility with
rpcbind.

-a mask,match
-a match
This option permits restriction of most of the portmap services to a
subset of hosts or networks. (The portmap null procedure is not
restricted.) The mask, and match arguments are IP addresses in
Internet dot notation (see inet(3N)) that represent masks, hosts or
networks. The mask and match arguments must be separated by a comma
with no intervening whitespace. If mask and the comma are missing,
the argument is interpreted as a Class A, B, or C network number and
the mask is set to the value appropriate for the network's class.

The -a option can be repeated up to 50 times. For each mask and
match specified, the requesting client host's address is logically-
ANDed with mask; if the result equals match, the client's request is
processed. If none of the mask-match comparisons succeed, the
request is rejected. Requests from all of the local host's
addresses are always permitted.

For example, if /etc/config/portmap.options contains

-a 255.255.255.0,128.32.199.0
-a 192.0.2.0
-a 255.255.255.255,192.26.51.3

access is restricted to any host on the Class B 128.32.199 subnet or
the Class C 192.0.2 network or to the host with the 192.26.51.3
address. Requests from clients on any other networks are rejected.

-A This option is equivalent to a series of -a options listing all of
the addresses of interfaces on the machine, with their netmasks. It
is convenient for authorizing hosts on directly connected networks
and point-to-point links without explicitly enumerating the
networks. The restrictions defined by -A do not count against the
limit of 50 -a options.

-b This option causes the -a and -A options to apply only to packets
that arrive via multicast.

-m Enable reception of RPC requests sent to portmap's multicast
address, provided their sources meet the restrictions imposed by -a
or -A. Multicast requests received from what should be local
addresses are always ignored. The -a and/or -A options should
always be used with -m on machines that can be reached by multicast
packets from the Internet, such as MBONE feeds. The -b option is
handy with -m on systems shielded from the Internet by firewalls,
where all networks that can be reached via unicast or broadcast are
trusted.

-C Turn on compatibility mode. This will allow local applications to
register with portmap using a network address other than the
loopback address. Applications that do not use the SGI-provided RPC
interfaces to register with portmap may require this option to
function properly. However, use of this option will also introduce
a known security problem.

-w Warmstart. Starting with IRIX 6.5.23 portmap supports warm-
starting: when it receives a SIGINT signal, it saves a copy of its
current configuration in /tmp/rpcbind.file and /tmp/portmap.file.
The -w switch causes portmap to re-load saved configuration from
these files when it is started.

FILES
/tmp/rpcbind.file
/tmp/portmap.file
/etc/config/portmap.options