Todd Denniston wrote:
Bill Davidsen wrote, On 02/20/2008 02:32 PM:
I am trying to replace a bunch of NFS servers with new machines
running FC8. The NFS server is doing some kind of evil security check
which was not present in FC1, causing connection rejects like "invalid
port XXXXXX" messages. Since the port works against the FC1 server,
and there are 120-140 clients per server, running various operating
systems, the solution lies in telling the NFS service to stop doing
the unwanted security check and treat anything coming through iptables
as valid.
Has someone a thought on this? Changing clients isn't going to happen,
and it seems the Solaris NFS server works (or the upgrade from FC1
might be dropped).
Does this help?
https://www.redhat.com/archives/fedora-list/2006-July/msg03474.html
https://www.redhat.com/archives/fedora-list/2006-July/msg03489.html
The 2nd one may be useful, although at the moment I have just poked a
seven bit wide hole in the firewall for anything from the local subnet
of the private network.
Testing continues, thanks.
--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot