Re: Binding ports for NFS

Thanks Res.
It is a firewall problem. With the firewall on nothing gets logged. No messages on /var/log/messages. When I turn off the firewall then the connection shows in that log. SELinux is now denying access to the share, but I can fix that later. I'm using system-config-securitylevel to set up the firewall.
This is what I have there:
52525:tcp, imap:tcp, imaps:tcp, 5801:tcp, 5901:tcp, nfs:tcp, nfs:udp, sunrpc:tcp, sunrpc:udp
I have hosts.allow and hosts.deny blank so all traffic should be accepted. So I guess I have to open up the ports for the other daemons, but those ports change.
How should I do this?
EJ

On Dec 16, 2005, at 4:45 AM, Res wrote:

On Fri, 16 Dec 2005, redhatdude@xxxxxxxxxxxxx wrote:

Thanks a lot Res,
Now I can't mount the share from MacOS X 10.4


What is the problem?
I can mount the same folder in my home folder in Fedora but not from the Mac.
This is the error on the mac
mount_nfs: bad MNT RPC: RPC: Timed out

have a look in messages file on server, and run iptraf and watch and see if it hits ok or gets rejected, temp flush firewall and try connect with mac to eliminate it

I've never used a mac but a timeout is a timeout, firewall for sure



On Dec 16, 2005, at 2:28 AM, Res wrote:

Hi,
On Thu, 15 Dec 2005, redhatdude@xxxxxxxxxxxxx wrote:
Let's see if I have more luck with this question and somebody answers it. I'm trying to share a folder using NFS. The problem I'm having is with the ports some of the daemons use and the firewall. The ports for portmapper and nfsd remain the same all the time and I can open them in the firewall. However, daemons such as lockd and mountd change every time I load the nfs service. What I'd like to do is bind these daemons to a specific port that would remain open in the firewall. How can I accomplish that?
You should know the IP of the server in question, allow that server unrestricted access in your firewall, if it's on your LAN, have the router filter 2049 and 111 completely from the internet (tcp and udp)
Also if your LAN is 192.168.0.0/24 in your /etc/hosts.allow:
portmap: 192.168.0.0/255.255.255.0
lockd: 192.168.0.0/255.255.255.0
statd: 192.168.0.0/255.255.255.0
mountd: 192.168.0.0/255.255.255.0
rquotad: 192.168.0.0/255.255.255.0
If you only want to put in single IPs put them in in this format:
SERVICETYPE: 192.168.0.1 , 192.168.0.254
note, yes that's - I.P space comma space I.P
and in /etc/hosts.deny:
portmap: ALL
lockd: ALL
statd: ALL
mountd: ALL
rquotad: ALL
--
Cheers
Res
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list



--
Cheers
Res
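
The mismatch described in this thread, as an added example that is not part of the original messages: it compares the firewall list quoted above against the ports the NFS helper daemons register with the portmapper. The `rpcinfo -p` text is constructed sample data with made-up high ports, the name-to-port table holds the standard /etc/services assignments, and the function names are the example's own.

```python
# Added example: constructed data, not output from the poster's server.
FIREWALL_OPEN = ("52525:tcp, imap:tcp, imaps:tcp, 5801:tcp, 5901:tcp, "
                 "nfs:tcp, nfs:udp, sunrpc:tcp, sunrpc:udp")  # list quoted in the post

# Standard /etc/services numbers for the service names used in that list.
SERVICE_PORTS = {"imap": 143, "imaps": 993, "nfs": 2049, "sunrpc": 111}

# Constructed `rpcinfo -p` output; the mountd/nlockmgr/status ports are made up
# and would differ after each restart of the nfs service.
RPCINFO_SAMPLE = """\
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100021    3   udp  32771  nlockmgr
    100021    3   tcp  32772  nlockmgr
    100005    3   udp    881  mountd
    100005    3   tcp    884  mountd
    100024    1   udp  32769  status
"""

def parse_firewall(spec):
    """Turn 'name-or-port:proto, ...' into a set of (port, proto) pairs."""
    opened = set()
    for item in spec.split(","):
        name, proto = item.strip().split(":")
        port = int(name) if name.isdigit() else SERVICE_PORTS[name]
        opened.add((port, proto))
    return opened

def parse_rpcinfo(text):
    """Yield (service, port, proto) for each registration line, skipping the header."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0].isdigit():
            _prog, _vers, proto, port, service = fields
            yield service, int(port), proto

def blocked_registrations(rpcinfo_text, firewall_spec):
    """RPC registrations whose port/protocol the firewall list does not open."""
    opened = parse_firewall(firewall_spec)
    return sorted({(svc, port, proto)
                   for svc, port, proto in parse_rpcinfo(rpcinfo_text)
                   if (port, proto) not in opened})

if __name__ == "__main__":
    for svc, port, proto in blocked_registrations(RPCINFO_SAMPLE, FIREWALL_OPEN):
        print(f"{svc:10} {port}/{proto} not opened by the firewall")
```

With this sample, portmapper and nfs pass the list while mountd, nlockmgr and status do not, which is consistent with a client reaching port 111 and then timing out on the MNT RPC.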
