Re: Binding ports for NFS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks a lot Res,
Now I can't mount the share from MacOS X 10.4
I get a time out error. However, I can see everything running on the FC4 machine from the mac. 
rpcinfo -p 192.168.1.102
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32972  status
    100024    1   tcp  32791  status
    100011    1   udp    861  rquotad
    100011    2   udp    861  rquotad
    100011    1   tcp    864  rquotad
    100011    2   tcp    864  rquotad
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100021    1   udp  32987  nlockmgr
    100021    3   udp  32987  nlockmgr
    100021    4   udp  32987  nlockmgr
    100021    1   tcp  32820  nlockmgr
    100021    3   tcp  32820  nlockmgr
    100021    4   tcp  32820  nlockmgr
    100005    1   udp    874  mountd
    100005    1   tcp    877  mountd
    100005    2   udp    874  mountd
    100005    2   tcp    877  mountd
    100005    3   udp    874  mountd
    100005    3   tcp    877  mountd

What is the problem?
I can mount the same folder in my home folder in Fedora but not from the Mac. 
This is the error on the mac
mount_nfs: bad MNT RPC: RPC: Timed out
Thanks,
EJ


On Dec 16, 2005, at 2:28 AM, Res wrote:


Hi,

On Thu, 15 Dec 2005, redhatdude@xxxxxxxxxxxxx wrote:
Let's see if I have more luck with this question and somebody answers it. I'm trying to share a folder using NFS. The problem I'm having is with the ports some of the daemons use and the firewall. The ports for portmapper and nfsd remain the same all the time and I can open them in the firewall. However, daemons such as lockd and mountd change every time I load the nfs service. What I'd like to do is bind these daemos to a specific port that would remain open in the firewall. How can I accomplish that?
You should know the IP of the server in question, allow that server unrestricted access in your firewall, if its on your LAN, have the router filter 2049 and 111 completely from the internet (tcp and udp) 

Also if your LAN is 192.168.0.0/24 in your /etc/hosts.allow:

portmap: 192.168.0.1/255.255.255.0
lockd: 192.168.0.1/255.255.255.0
statd: 192.168.0.1/255.255.255.0
mountd: 192.168.0.1/255.255.255.0
rquotad: 192.168.0.1/255.255.255.0

If you only want to put in single IP's put them in in this format:
SERVICETYPE: 192.168.0.1 , 192.168.0.254
note, yes thats -  I.P space comma space I.P

and in /etc/hosts.deny:

portmap: ALL
lockd: ALL
statd: ALL
mountd: ALL
rquotad: ALL



--
Cheers
Res

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux