Re: NFS versus the firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have been watching this one for just this reason. Thanks this seems to explain some issues i was
having with a file server i was attempting to access. I settled for samba in the end though it
nags at me to "settle" for anything. I will have to try this when i find a spare moment. 

Happy New Year,
-Max
--- "Amadeus W.M." <amadeus84@xxxxxxxxxxx> wrote:


> 
> The difficulty with nfs is that it uses a few auxiliary rpc services, 
> which by default get started on a random port. These random ports must be 
> open in the firewall, but because they are random, the iptables has no 
> idea what they might be. 
> 
> The cure is to force these services to ALWAYS start on pre-assigned 
> ports, and open these ports in the firewall. 
> 
> To this end, on the nfs server 
> 
> 1) Create a file /etc/sysconfig/nfs with the following contents:
> 
> RQUOTAD_PORT=4000
> LOCKD_TCPPORT=4001
> LOCKD_UDPPORT=4001
> MOUNTD_PORT=4002
> STATD_PORT=4003
> 
> The nfs config file already exists, but it's full of comments. Erase 
> everything and put these lines in, or just edit the appropriate lines in 
> the existing file. You can choose any ports available, not necessarily 
> 4000-4003.
> 
> 
> 2) Open range 4000-4003 tcp and udp in iptables. This you can do 
> manually, but it can be done from system-config-firewall very easily and 
> intuitively.
> 
> 3) Open port 111 (portmapper) and 2049 (nfs) as well.
> 
> Done.
> 
> 
> Now, from any client (which should be running the automounter (autofs) by 
> default), you should be able to 
> 
> cd /net/nfsserver/exported/partition
> 
> 
> I have all this up and running, and it's pretty cool to watch video that 
> resides on my main pc (nfs server) on my big hdtv, via nfs and a wireless 
> laptop that sits on top of my tv. 
> 
> 
> -- 
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> 



      ____________________________________________________________________________________
Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  http://tools.search.yahoo.com/newsearch/category.php?category=shopping

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux