NFS Client/Server Firewall.

NFS Client/Server Firewall.

[Vincent Mortellaro]

Hi,

I recently tried setting up an NFS server in my LAN and I've already 
nailed down the necessary ports so that lockd, statd, rquota and mountd 
now occupied ports 4000-4003. I did the same thing with clients just in 
case it would be necessary for running iptables there too. I setup 
iptables on the server using suse's yast tool, and then editing their 
susefirewall2 script to allow these ports: 2049, 111, 4000:4003 and the 
server worked fine - all of my clients could access it. However, when I 
went to firewall my clients (again using yast to configure iptables 
with the same ports) I couldn't connect to my server. Instead it gave 
an error message of "RPC: Timed Out".

I'd be more than happy writting my own iptables ruleset however I'm 
unsure as to what needs to be allowed by default for linux to work 
thats why I used yast to just add-in the parts I thought I needed. If 
anyone could give any advise about what I'm doing wrong or how I could 
setup iptables myself with rules that would protect both my nfs/samba 
server and my normal clients I'd appreciate it greatly.

Vincent

Re: NFS Client/Server Firewall.

[Jeffrey Laramie]

[-- Attachment #1: Type: text/html, Size: 3227 bytes --]