Re: firewalled NFS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Jordi Prats wrote:
Hi,
I'm trying to setup a firewalled NFS server. I've configured my server
(CentOS 5) using the following parameters
/etc/sysconfig/nfs
MOUNTD_NFS_V1="no"
MOUNTD_NFS_V2="no"
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
RPCNFSDCOUNT=64
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
SECURE_NFS="yes"


modprobe.conf:
options lockd nlm_udpport=4001 nlm_tcpport=4001


But it does not mount it:
# mount 172.20.0.150:/tmp/ /mnt/tmp/
mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).

There's anything else I must setup to use fixed ports ?

Thanks,

It may be an obvious question, but did you open the ports in iptables? I use a similar scheme on my NFS servers to "fix" the ports and it just doesn't work at ALL unless those ports are opened up in iptables. I use different ports, but here's the lines I inserted into my /etc/sysconfig/iptables file to get NFS working on the server:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT

You'll have to alter the '--dports' and '-s' parameters to match the ports and IP address range you are using.

Hope that helps!
--
Jay Leafey - Memphis, TN
jay.leafey@xxxxxxxxxxxx

<<attachment: smime.p7s>>

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux