AFP (Apple Filing Protocol)
- Netatalk - Open source AFP implementation
- Alpine Linux Package: netatalk
- afpfs-ng - AFP client for Linux
Configuration (Netatalk)
Configure permissions carefully for shared directories.
afp.conf
[Global]
mimic model = TimeCapsule6,106
log level = default:warn
log file = /var/log/afpd.log
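# Restrict clients to trusted networks. 192.168.1.0/16 has host bits set:
# write 192.168.0.0/16 or 192.168.1.0/24, depending on the range you mean.
#hosts allow = 192.168.1.0/16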
[Homes]
basedir regex = /home
[TimeMachine]
path = /data/backup/timemachine
valid users = tmuser
time machine = yes
# Limit size to 2TB (vol size limit is given in MiB)
# vol size limit = 2000000
[share]
path = /share
valid users = wener
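A small audit of the access settings in an afp.conf like the one above, as an added example (not part of the original page or of Netatalk). The function name `audit_afp_conf` and the sample config are constructed for illustration; the optional filesystem check covers the "configure permissions carefully" advice.

```python
import configparser
import os
import stat

# Constructed sample modelled on the afp.conf above ('hosts allow' still commented out).
SAMPLE = """\
[Global]
log level = default:warn
#hosts allow = 192.168.1.0/24
[Homes]
basedir regex = /home
[TimeMachine]
path = /data/backup/timemachine
valid users = tmuser
time machine = yes
[share]
path = /share
"""

def audit_afp_conf(text, check_fs=False):
    """Return (section, finding) tuples for weak access settings in afp.conf text."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cp.read_string(text)
    glob = next((s for s in cp.sections() if s.lower() == "global"), None)
    global_acl = glob is not None and cp.has_option(glob, "hosts allow")
    findings = []
    for sec in cp.sections():
        if sec == glob:
            continue
        vol = cp[sec]
        # 'hosts allow' may be set globally or per volume
        if not global_acl and "hosts allow" not in vol:
            findings.append((sec, "no 'hosts allow' here or in [Global]"))
        # [Homes] maps each user to their own directory, so skip the user-list check
        if sec.lower() != "homes" and not vol.get("valid users", "").strip():
            findings.append((sec, "no 'valid users': any account that can log in may mount it"))
        if vol.getboolean("time machine", fallback=False) and "vol size limit" not in vol:
            findings.append((sec, "Time Machine volume without 'vol size limit'"))
        path = vol.get("path")
        # Optional filesystem check: the exported directory should not be world-writable
        if check_fs and path and os.path.isdir(path) and os.stat(path).st_mode & stat.S_IWOTH:
            findings.append((sec, f"{path} is world-writable"))
    return findings

if __name__ == "__main__":
    for section, finding in audit_afp_conf(SAMPLE):
        print(f"[{section}] {finding}")
```

Run it against the real file with `audit_afp_conf(open(path).read(), check_fs=True)` on the server itself so the directory modes can be checked.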
Network
- Ports:
  - TCP 548 (AFP)
  - UDP 5353 (mDNS/Avahi)
Avahi / Bonjour / Zeroconf
- A multicast/unicast DNS-SD framework.
- Required for auto-discovery on macOS.
avahi-daemon --help
iptables
# mDNS
iptables -I INPUT -p udp --dport mdns -d 224.0.0.251 -j ACCEPT
iptables -I OUTPUT -p udp --dport mdns -d 224.0.0.251 -j ACCEPT
# AFP (TCP 548)
iptables -I INPUT -p tcp --dport afpovertcp -j ACCEPT
# SLP (Service Location Protocol), port 427 (registered service name: svrloc)
iptables -I INPUT -p tcp --dport 427 -j ACCEPT
iptables -I OUTPUT -p tcp --dport 427 -j ACCEPT
iptables -I INPUT -p udp --dport 427 -j ACCEPT
iptables -I OUTPUT -p udp --dport 427 -j ACCEPT
# AppleTalk (Legacy); the multiport match takes its port list via --dports
iptables -I INPUT -p tcp -m multiport --dports at-rtmp,at-nbp,at-echo,at-zis -j ACCEPT
iptables -I OUTPUT -p tcp -m multiport --dports at-rtmp,at-nbp,at-echo,at-zis -j ACCEPT