Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux Protect portmap With iptables

To further restrict access to the portmap service, it is a good idea to add iptables rules to the server and restrict access to specific networks.
Below are two example iptables commands. The first allows TCP connections to the port 111 (used by the portmap service) from the network. The second allows TCP connections to the same port from the localhost. This is necessary for the sgi_fam service used by Nautilus. All other packets are dropped.
iptables -A INPUT -p tcp -s! --dport 111 -j DROP
iptables -A INPUT -p tcp -s --dport 111 -j ACCEPT
To similarly limit UDP traffic, use the following command.
iptables -A INPUT -p udp -s! --dport 111 -j DROP


Refer to Section 48.8, “Firewalls” for more information about implementing firewalls with iptables commands.