Bill Davidsen wrote:
I have a firewall problem with running an NFS server on FC6 or FC8, due
to the GUI configuration interface not opening the firewall when I check
the NFS protocol support. It seems to only allow use as an NFS client,
since that worked fine when I tested it.
I can put the needed rules in the "RH-Firewall-1-INPUT" chain, but
mixing GUI administration and manual administration is undesirable to
prevent unexpected behavior, conflicts, etc, in the future. Is there
really no way to open the ports for NFS server other than by hand?
Opening NFS servers is tricky - the default GUI is too simple to do it well.
You'll probably need to:
1) Learn about port "pinning" for NFS (so it always uses the same ports).
2) Use a fancier GUI, like firestarter (http://www.fs-security.com/), to
control your firewall.
NFS is insecure anyways, so you'll want to have another firewall outside
the client network also. Do not expose the NFS server to public access.
- Mike
