From: Rob Verduijn <rverduij@dds.nl>
To: sr@gimp.org
Cc: netfilter@lists.netfilter.org
Subject: Re: nfs
Date: Tue, 05 Aug 2003 11:02:57 +0200 [thread overview]
Message-ID: <1060074177.2848.3.camel@rincewind> (raw)
In-Reply-To: <20030805081723.GD11849@localnet>
Hi there,
I do have some influence over the nfs server, (it's my backup server) so
that wouldn't be a big problem.
My second question would be what the IP table rule settings would be on
the server :)
On Tue, 2003-08-05 at 10:17, Sven Riedel wrote:
> On Tue, Aug 05, 2003 at 08:36:59AM +0200, Rob Verduijn wrote:
> > What would be the rule setting I need to mount a remote nfs share when I
> > am using connection tracking and a default DROP policy?
>
> First, since NFS uses RPCs you need to know what ports rpc.mountd,
> rpc.statd and maybe rpc.lockd are running on. If you have influence over
> the server, try setting the ports explictly (invoke the daemons with the
> -p flag. Works with statd and mountd, lockd is a bit more tricky).
>
> Otherwise the ports are
> allocated dynamically and the client has to ask the remote portmapper
> where the daemons are listening. Any rules in this case are only valid
> as long as the rpc-services on the nfs-server aren't restarted.
>
> You'll have to allow the following ports:
> udp/2049: nfs
> tcp/2049: nfs, if you're using nfs over tcp, nfs v3 and up
> udp/111: portmap/sunrpc
> tcp/111: portmap/sunrpc
> udp/<rpc.statd>
> tcp/<rpc.statd>
> udp/<rpc.mountd>
> tcp/<rpc.mountd>
> and maybe:
> udp/<rpc.lockd>
> tcp/<rpc.lockd>
>
> Regs,
> Sven
>
next prev parent reply other threads:[~2003-08-05 9:02 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-05 6:36 nfs Rob Verduijn
2003-08-05 8:17 ` nfs Sven Riedel
2003-08-05 9:02 ` Rob Verduijn [this message]
2003-08-05 9:49 ` nfs Chris Wilson
2003-08-07 0:58 ` nfs Ulises Hernandez Pino
-- strict thread matches above, loose matches on Subject: below --
2015-06-19 19:09 NFS Andrew Holway
2015-06-19 19:29 ` NFS James Carter
2015-06-19 20:19 ` NFS Andrew Holway
2015-06-19 20:40 ` NFS Daniel J Walsh
2007-08-13 14:13 Nfs Ina Flanagan
2003-11-15 21:23 nfs Redeeman
2003-11-15 21:48 ` nfs Hendrik Visage
2003-11-17 14:38 ` nfs Dan Oglesby
2003-11-17 4:08 ` nfs Hans Reiser
2003-11-17 16:38 ` nfs Eric Whiting
2003-11-17 17:16 ` nfs Redeeman
2003-08-23 17:35 nfs will supat
2002-11-20 13:08 NFS ligp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1060074177.2848.3.camel@rincewind \
--to=rverduij@dds.nl \
--cc=netfilter@lists.netfilter.org \
--cc=sr@gimp.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.