MyCloud (gen2) with static NFS port numbers (for internet access)

Here is a little pre-emptive guide on how to make this happen, as I spent a considerable amount of time trying to figure this out myself.

WD has gone out of their way to make this very difficult to do. The behavior is controlled by a script, contained inside a cramfs container, which gets mounted at /usr/local/modules. A symlink exists in /usr/sbin that points to this location, for a file named ‘nfs’.

E.g.:
/usr/sbin/nfs → /usr/local/modules/nfs

This is a typical start/stop script that really belongs in /etc/init.d, but for whatever reason, lives in /usr/sbin. Again, it actually resides on a read-only cramfs container.

This script is what actually sets up the daemons that service NFS sharing, and these are directly invoked by this script. It does not reference any configuration files, ANYWHERE, to control invocation other than for “did user enable NFS yes/no?” and a do-nothing section if that is so. By default, they make no attempts to control with a port number, and the default behavior is for statd and mountd to use randomly selected user ports to make the connections. If you are trying to access the NAS remotely over the internet, this is ■■■■■■■■, because you never know what ports those two are going to try talking on, which will, of course, NOT BE EXPOSED through the firewall.

To make the daemons use static port numbers (for statd and mountd specifically; RPC and pals already use default ports that are static at 111 and 2049), you need to edit this script, and add the appropriate arguments to the invocation (typically -p [port]). That means you need to copy the script to writable storage. No biggie, but making the symlink point to the edited version of the script persistently is tricky, since the root filesystem (and thus /usr/sbin) is hosted by a ramdisk, and thus is volatile storage, and gets recreated from scratch on every boot.

There are instructions on how to hijack the stime section of the device’s config.xml so that the NAS will execute a user script on startup here:

How to run a user boot script at MyCloud Gen2 (2.11.xx) devices

The combination of editing the nfs script, saving it on a persistent and writable location, creating a startup script to delete and recreate the symbolic link so that it points at the right place and then restart NFS will cause the NAS to use the arbitrarily defined port numbers of your choosing, which will allow you to use NFS past a NAT firewall, and thus use it across the internet as cloud storage.

I have tested it, it works.

It is POSSIBLE, but a REAL PITA.

I hope this helps lots of other people as well.

Be sure your exports and connection rules are sensible if you are allowing outside NFS connections! That is left as an exercise for the reader.

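Added example, not part of the original post and not WD's or the poster's own script: a sketch of the boot-time step described above, which re-points /usr/sbin/nfs at the edited copy, restarts NFS, and then checks that statd and mountd really registered on the fixed ports. The persistent path, both port numbers, the presence of `rpcinfo` on the device, and the `stop`/`start` arguments are assumptions.

```shell
#!/bin/sh
# Added example. Values marked ASSUMED are placeholders, not taken from the thread.
LINK=/usr/sbin/nfs                   # symlink named in the post (ramdisk, rebuilt each boot)
EDITED=/path/to/persistent/nfs       # ASSUMED: where the edited copy of the script is kept
STATD_PORT=32765                     # ASSUMED: port given to statd with -p in the edited copy
MOUNTD_PORT=32767                    # ASSUMED: port given to mountd with -p in the edited copy

# Point symlink $1 at edited script $2. Refuses a missing or non-executable
# target, so a bad copy never replaces the stock link. Safe to run repeatedly.
relink() {
    link=$1; target=$2
    [ -f "$target" ] && [ -x "$target" ] || { echo "relink: bad target $target" >&2; return 1; }
    [ "$(readlink "$link" 2>/dev/null)" = "$target" ] && return 0
    rm -f "$link" && ln -s "$target" "$link"
}

# Read `rpcinfo -p` output on stdin. Succeeds only if service $1 is registered
# and every one of its registrations (tcp and udp) uses port $2.
port_pinned() {
    awk -v svc="$1" -v want="$2" '
        $5 == svc { seen = 1; if ($4 != want) bad = 1 }
        END { if (seen && !bad) exit 0; exit 1 }'
}

main() {
    relink "$LINK" "$EDITED" || exit 1
    "$LINK" stop; "$LINK" start      # ASSUMED: the script takes stop/start arguments
    sleep 5                          # give the daemons time to register with the portmapper
    table=$(rpcinfo -p 127.0.0.1) || exit 1
    echo "$table" | port_pinned status "$STATD_PORT"  || echo "statd is not on $STATD_PORT" >&2
    echo "$table" | port_pinned mountd "$MOUNTD_PORT" || echo "mountd is not on $MOUNTD_PORT" >&2
}

# Does nothing unless called from the user boot script as: <this file> boot
if [ "${1:-}" = "boot" ]; then main; fi
```

A warning from the port check means one of the daemons is still on a random port, so a firewall rule written for the fixed ports will not match it.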

Hello,

Thank you for taking the time to create this guide.

The main reason for my user boot script hack was some modifications to the nfs settings. I mount the mycloud to my Mac only via NFS automounter, as it is most stable and reliable.

Nice to hear that others jump on the same bandwagon.