Binding ports for NFS

redhatdude at bellsouth.net
Fri Dec 16 13:54:33 UTC 2005


Thanks Res.
It is a firewall problem. With the firewall on nothing gets logged.  
No messages in /var/log/messages. When I turn off the firewall then  
the connection shows in that log. SELinux is now denying access to  
the share, but I can fix that later. I'm using  
system-config-securitylevel to set up the firewall.
This is what I have there:
52525:tcp, imap:tcp, imaps:tcp, 5801:tcp, 5901:tcp, nfs:tcp, nfs:udp,  
sunrpc:tcp, sunrpc:udp
I have hosts.allow and hosts.deny blank so all traffic should be  
accepted.
So I guess I have to open up the ports for the other daemons, but  
those ports change.
How should I do this?
EJ

On Dec 16, 2005, at 4:45 AM, Res wrote:

> On Fri, 16 Dec 2005, redhatdude at bellsouth.net wrote:
>
>> Thanks a lot Res,
>> Now I can't mount the share from MacOS X 10.4
>
>>
>> What is the problem?
>> I can mount the same folder in my home folder in Fedora but not  
>> from the Mac.
>> This is the error on the mac
>> mount_nfs: bad MNT RPC: RPC: Timed out
>
> have a look in the messages file on the server, and run iptraf and watch  
> and see if it hits OK or gets rejected; temporarily flush the firewall and try  
> connecting with the Mac to eliminate it
>
> I've never used a Mac but a timeout is a timeout, firewall for sure
>
>
>>
>> On Dec 16, 2005, at 2:28 AM, Res wrote:
>>
>>> Hi,
>>> On Thu, 15 Dec 2005, redhatdude at bellsouth.net wrote:
>>>> Let's see if I have more luck with this question and somebody  
>>>> answers it.
>>>> I'm trying to share a folder using NFS. The problem I'm having  
>>>> is with the ports some of the daemons use and the firewall. The  
>>>> ports for portmapper and nfsd remain the same all the time and I  
>>>> can open them in the firewall. However, daemons such as lockd  
>>>> and mountd change every time I load the nfs service. What I'd  
>>>> like to do is bind these daemons to a specific port that would  
>>>> remain open in the firewall. How can I accomplish that?
>>> You should know the IP of the server in question, allow that  
>>> server unrestricted access in your firewall, if it's on your LAN,  
>>> have the router filter 2049 and 111 completely from the internet  
>>> (tcp and udp)
>>> Also if your LAN is 192.168.0.0/24 in your /etc/hosts.allow:
>>> portmap: 192.168.0.1/255.255.255.0
>>> lockd: 192.168.0.1/255.255.255.0
>>> statd: 192.168.0.1/255.255.255.0
>>> mountd: 192.168.0.1/255.255.255.0
>>> rquotad: 192.168.0.1/255.255.255.0
>>> If you only want to put in single IPs put them in in this format:
>>> SERVICETYPE: 192.168.0.1 , 192.168.0.254
>>> note, yes that's -  I.P space comma space I.P
>>> and in /etc/hosts.deny:
>>> portmap: ALL
>>> lockd: ALL
>>> statd: ALL
>>> mountd: ALL
>>> rquotad: ALL
>>> -- 
>>> Cheers
>>> Res
>>
>>
>
> -- 
> Cheers
> Res

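A check for the situation described in this thread, added here as an example and not part of any message above: it compares the RPC services registered with the portmapper against the firewall openings listed in the message and prints the ones the firewall does not cover. The `rpcinfo -p` output is a constructed sample, the function names are hypothetical, and the service names in the firewall list (imap, imaps, nfs, sunrpc) are written as their standard port numbers.

```shell
#!/bin/sh
# Constructed sample of `rpcinfo -p` output from an NFS server.
# The mountd/nlockmgr/status ports are made-up values standing in for
# the dynamically assigned ports the thread talks about.
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100021    4   udp  32771  nlockmgr
    100021    4   tcp  32790  nlockmgr
    100005    3   udp    867  mountd
    100005    3   tcp    870  mountd
    100024    1   udp  32768  status
    100024    1   tcp  32769  status
EOF
}

# Firewall openings from the message, as port/proto:
# 52525, imap(143), imaps(993), 5801, 5901, nfs(2049), sunrpc(111)
ALLOWED="52525/tcp 143/tcp 993/tcp 5801/tcp 5901/tcp 2049/tcp 2049/udp 111/tcp 111/udp"

# Reads `rpcinfo -p` output on stdin and prints "service port/proto"
# for every registration that the allow list does not cover.
blocked_rpc_services() {
  awk -v allowed="$ALLOWED" '
    BEGIN {
      n = split(allowed, a, " ")
      for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    # Data rows start with a numeric program number; the header does not.
    $1 ~ /^[0-9]+$/ && NF >= 5 {
      key = $4 "/" $3
      if (!(key in ok)) print $5, key
    }
  '
}

# Run against the constructed sample.
sample_rpcinfo | blocked_rpc_services
```

On the server itself, `rpcinfo -p | blocked_rpc_services` lists the daemons a client cannot reach through the firewall; mountd appearing there matches the `bad MNT RPC: RPC: Timed out` error from the Mac.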