Re: nfs - Sven Riedel

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sven Riedel <sr@gimp.org>
To: Rob Verduijn <rverduij@dds.nl>
Cc: netfilter@lists.netfilter.org
Subject: Re: nfs
Date: Tue, 5 Aug 2003 10:17:23 +0200	[thread overview]
Message-ID: <20030805081723.GD11849@localnet> (raw)
In-Reply-To: <1060065419.3395.1.camel@rincewind>

On Tue, Aug 05, 2003 at 08:36:59AM +0200, Rob Verduijn wrote:
> What would be the rule setting I need to mount a remote nfs share when I
> am using connection tracking and a default DROP policy?

First, since NFS uses RPCs you need to know what ports rpc.mountd,
rpc.statd and maybe rpc.lockd are running on. If you have influence over
the server, try setting the ports explictly (invoke the daemons with the
-p flag. Works with statd and mountd, lockd is a bit more tricky). 

Otherwise the ports are
allocated dynamically and the client has to ask the remote portmapper
where the daemons are listening. Any rules in this case are only valid
as long as the rpc-services on the nfs-server aren't restarted.

You'll have to allow the following ports:
udp/2049: nfs 
tcp/2049: nfs, if you're using nfs over tcp, nfs v3 and up
udp/111: portmap/sunrpc
tcp/111: portmap/sunrpc
udp/<rpc.statd>
tcp/<rpc.statd>
udp/<rpc.mountd>
tcp/<rpc.mountd>
and maybe:
udp/<rpc.lockd>
tcp/<rpc.lockd>

Regs,
Sven


-- 
Sven Riedel                      sr@gimp.org
Liebigstr. 38 
30163 Hannover                  "Python is merely Perl for those who
                                 prefer Pascal to C" (anon)

next prev parent reply	other threads:[~2003-08-05  8:17 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-08-05  6:36 nfs Rob Verduijn
2003-08-05  8:17 ` Sven Riedel [this message]
2003-08-05  9:02   ` nfs Rob Verduijn
2003-08-05  9:49     ` nfs Chris Wilson
2003-08-07  0:58 ` nfs Ulises Hernandez Pino
  -- strict thread matches above, loose matches on Subject: below --
2015-06-19 19:09 NFS Andrew Holway
2015-06-19 19:29 ` NFS James Carter
2015-06-19 20:19   ` NFS Andrew Holway
2015-06-19 20:40     ` NFS Daniel J Walsh
2007-08-13 14:13 Nfs Ina Flanagan
2003-11-15 21:23 nfs Redeeman
2003-11-15 21:48 ` nfs Hendrik Visage
2003-11-17 14:38   ` nfs Dan Oglesby
2003-11-17  4:08     ` nfs Hans Reiser
2003-11-17 16:38       ` nfs Eric Whiting
2003-11-17 17:16         ` nfs Redeeman
2003-08-23 17:35 nfs will supat
2002-11-20 13:08 NFS ligp

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20030805081723.GD11849@localnet \
    --to=sr@gimp.org \
    --cc=netfilter@lists.netfilter.org \
    --cc=rverduij@dds.nl \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.