On 24 Jul 2013, at 09:50, Nux! <nux at li.nux.ro> wrote: > Can someone help with this? I need to setup a firewall around a gluster (3.4) setup and I wouldn't like my clients to become peers. :) > So the ports I'd need to watch for would be: > management traffic (aka `gluster peer` operations etc) - 24007/tcp, 24008/tcp, 24009+/tcp (for the bricks) > client traffic (so clients can mount & use the volume, but not become peers) - ??? > nfs traffic - 111/udp, 111/tcp & 38465-38468/tcp One of the things I noticed when upgrading to 3.4 is that the clients connect to different ports than with 3.3. Now they always seem to go for port 49152 rather than something in the previous nfs range. It seems this is a feature rather than a bug, but it would be nice to mention it in any upgrade guide. It's reported as a bug here: https://bugzilla.redhat.com/show_bug.cgi?id=987555 Marcus -- Marcus Bointon Synchromedia Limited: Creators of http://www.smartmessages.net/ UK info at hand CRM solutions marcus at synchromedia.co.uk | http://www.synchromedia.co.uk/