On SL3, and probably SL5, "man yppasswdd" shows that one may start it 
up with a parameter which specifies which port it should use:

--port number
      rpc.yppasswdd  will  try  to  register itself to this port. This
      makes it  possible to have a router filter packets to the NIS ports.

Similarly, see "man ypserv".


Steven Yellin

On Thu, 3 Jul 2008, Miles O'Neal wrote:

> Eve V. E. Kovacs said...
> |
> |Does anyone know the correct hole to punch in the firewall on an
> |SL5.x NIS server so that yppasswd works on the clients? I find if I
> |drop the firewall on the server, yppasswd works on the clients, but
> |if it is in place a get a message saying that
> |yppasswd: yppasswdd not running on NIS master host
> |even though it is.
>
> Normally these get assigned dynamically by
> the portmapper, which makes it difficult
> to know which ports to lock down.
>
> s looks like a way around it:
>
>   http://www.ale.org/pipermail/ale/20031030/002564.html
>
> [I haven't tried it as our firewall to the
> world is solid, and internally we just lock
> servers down and run only necessary services
> with reasonably high levels of security.  We
> don't run iptables on anything I can think of
> inside the firewall, and we don't let NIS, NFS,
> etc through the firewall].
>
> -Miles
>