Details of VOMS LanDB sets and Firewall rules.
Here is the list of ports used:
* tcp/15000-15020:
VOMS-Core (one port per VO, so actually 15000-15010 for the moment ; 11 VOs)
* tcp/8443:
VOMS-admin and VOMRS
all ports are open on all
VomsNodes as part of the GD_VOMS LanDB set.
Note that lcg-fw, a GD-made central firewall service, is used in order to configure IPTables on each node. Do not try to modify iptable rules by hand,
else they will overloaded at the next rule update (about 1 per hour). So, to make a change to firewall rules, please send a
mail to
gd-firewall@cernSPAMNOTNOSPAMPLEASE.ch, specifying which port you want to open/close, why, and in case of port opening,
if it must be accessible from outside CERN or not.
In time when moving to SL5 and the new CDB template structure this should move to CDB managed iptables rules.