Binding ports for NFS
redhatdude at bellsouth.net
Fri Dec 16 13:54:33 UTC 2005
Thanks Res.
It is a firewall problem. With the firewall on nothing gets logged.
No messages on /var/log/messages. When I turn off the firewall then
the connection shows in that log. SELinux is now denying access to
the share, but I can fix that later. I'm using
system-config-securitylevel to set up the firewall.
This is what I have there:
52525:tcp, imap:tcp, imaps:tcp, 5801:tcp, 5901:tcp, nfs:tcp, nfs:udp,
sunrpc:tcp, sunrpc:udp
I have hosts.allow and hosts.deny blank so all traffic should be
accepted.
So I guess I have to open up the ports for the other daemons, but
those ports change.
How should I do this?
EJ
On Dec 16, 2005, at 4:45 AM, Res wrote:
> On Fri, 16 Dec 2005, redhatdude at bellsouth.net wrote:
>
>> Thanks a lot Res,
>> Now I can't mount the share from MacOS X 10.4
>
>>
>> What is the problem?
>> I can mount the same folder in my home folder in Fedora but not
>> from the Mac.
>> This is the error on the mac
>> mount_nfs: bad MNT RPC: RPC: Timed out
>
> have a look in messages file on server, and run iptraf and watch
> and see if it hits ok or gets rejected, temp flush firewall and try
> connect with mac to eliminate it
>
> I've never used a Mac but a timeout is a timeout, firewall for sure
>
>
>>
>> On Dec 16, 2005, at 2:28 AM, Res wrote:
>>
>>> Hi,
>>> On Thu, 15 Dec 2005, redhatdude at bellsouth.net wrote:
>>>> Let's see if I have more luck with this question and somebody
>>>> answers it.
>>>> I'm trying to share a folder using NFS. The problem I'm having
>>>> is with the ports some of the daemons use and the firewall. The
>>>> ports for portmapper and nfsd remain the same all the time and I
>>>> can open them in the firewall. However, daemons such as lockd
>>>> and mountd change every time I load the nfs service. What I'd
>>>> like to do is bind these daemons to a specific port that would
>>>> remain open in the firewall. How can I accomplish that?
>>> You should know the IP of the server in question, allow that
>>> server unrestricted access in your firewall, if it's on your LAN,
>>> have the router filter 2049 and 111 completely from the internet
>>> (tcp and udp)
>>> Also if your LAN is 192.168.0.0/24 in your /etc/hosts.allow:
>>> portmap: 192.168.0.0/255.255.255.0
>>> lockd: 192.168.0.0/255.255.255.0
>>> statd: 192.168.0.0/255.255.255.0
>>> mountd: 192.168.0.0/255.255.255.0
>>> rquotad: 192.168.0.0/255.255.255.0
>>> If you only want to put in single IPs put them in in this format:
>>> SERVICETYPE: 192.168.0.1 , 192.168.0.254
>>> note, yes that's - I.P space comma space I.P
>>> and in /etc/hosts.deny:
>>> portmap: ALL
>>> lockd: ALL
>>> statd: ALL
>>> mountd: ALL
>>> rquotad: ALL
>>> --
>>> Cheers
>>> Res
>>> --
>>> fedora-list mailing list
>>> fedora-list at redhat.com
>>> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>>
>>
>
> --
> Cheers
> Res
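
An added example, not part of the original thread: a small check that compares the RPC services registered with the portmapper against the firewall list quoted in the message, to show which NFS helper daemons the firewall would drop. The `rpcinfo -p` output below is constructed for illustration (its high port numbers are made up), the name-to-port mapping assumes the standard /etc/services values, and the function names are hypothetical.

```python
# Constructed `rpcinfo -p` output; the non-fixed ports are invented sample values.
SAMPLE_RPCINFO = """\
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100021    4   udp  32771  nlockmgr
    100021    4   tcp  32769  nlockmgr
    100005    3   udp    779  mountd
    100005    3   tcp    782  mountd
    100024    1   udp  32768  status
"""

# The port list quoted in the message above.
FIREWALL_LIST = ("52525:tcp, imap:tcp, imaps:tcp, 5801:tcp, 5901:tcp, "
                 "nfs:tcp, nfs:udp, sunrpc:tcp, sunrpc:udp")

# Assumption: standard /etc/services numbers for the names used in that list.
SERVICES = {"imap": 143, "imaps": 993, "nfs": 2049, "sunrpc": 111}

def parse_firewall_list(text):
    """Turn 'name:proto, port:proto, ...' into a set of (port, proto)."""
    allowed = set()
    for item in text.split(","):
        name, proto = item.strip().split(":")
        port = int(name) if name.isdigit() else SERVICES[name]
        allowed.add((port, proto))
    return allowed

def parse_rpcinfo(text):
    """Return a set of (service, proto, port) from `rpcinfo -p` output."""
    rows = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[0].isdigit():      # skips the header line
            service = f[4] if len(f) > 4 else f[0]
            rows.add((service, f[2], int(f[3])))
    return rows

def blocked_services(rpcinfo_text, firewall_text):
    """Registered RPC services whose port/proto is not open in the firewall."""
    allowed = parse_firewall_list(firewall_text)
    return sorted(r for r in parse_rpcinfo(rpcinfo_text)
                  if (r[2], r[1]) not in allowed)

if __name__ == "__main__":
    for service, proto, port in blocked_services(SAMPLE_RPCINFO, FIREWALL_LIST):
        print(f"{service:<10} {port}/{proto} registered but not open in the firewall")
```

On the sample data only portmapper and nfs pass; mountd, nlockmgr (lockd) and status (statd) are the ones reported, which matches the timeout on the mount request described in the thread.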