NFS trough firewall problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi.

I have two NAT-ed network segments. One is my internal network and one is
a 'semi internal' network. Computers from semi-internal network should
have access only to the internet, whiles computers on internal network
should have access both to the internet and limited access to
semi-internal network (telnet, ssh, ftp, ..., NFS).

I read that nfs4 is designed to work also beside firewalls. For this
reason it uses only TCP port 2049. So I added a rule to my firewall:
----
iptables -A FORWARD -s <in_net> -d <semi_net> -m state --state NEW -p
  tcp --dport 2049 -j ACCEPT
----

I ran FC3 on both computers (on my semi-net - NFS server and on my
internal net - NFS client). When I'm trying to mount an exported share
with a command like:
----
mount -t nfs4 <semi_net_ip>:/exports /mnt/semi_net
----
I'm getting an error 'mount: Permission denied'.

The same command executed on a NFS client on the semi_net works fine.


BTW: computers on semi_net uses only /etc/hosts files to resolve names
from internal net. Internal computers uses the internal DNS server for
this purpose. The names are correct ... the only difference is that IP-s
can be reverse resolved in the DNS (PTR records) whiles /etc/hosts file
doesn't contain PTR records (heh ... of course ;) ).


Some sugestion how to solve the problem?


Best regards,
Dezo


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux