On Thu, 31 May 2012, Boris Epstein wrote:

On Thu, May 31, 2012 at 5:08 PM, <m.r...@5-cent.us> wrote:

Boris Epstein wrote:
Hello all,

I have a server on my private network that is configured as an NIS server and mapped to a "public" IP address on a firewall. All other TCP ports (SSH, iperf, you name it) are visible from the outside - but the portmapper-managed ports (port 111 itself and the YPSERV/YPXFRD ports, etc.) are not visible from the outside - even though they are alive and well on the internal network.

So, here's the question: is there anything special as far as portmapper's networking/security setup that is at play here?

Is it open to the correct destination in iptables?


I believe so. Basically, iptables is set to forward any and all traffic arriving on an external public IP to the internal private one. For multiple ports it seems to work fine. I use the same approach to forward NFS mounts to a private NFS server on the same private network - and that works like a charm which actually makes it even more mysterious, IMO.

I'll note that access to portmap can be manipulated via /etc/hosts.{allow,deny}, just in case that's an issue here.

--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Reply via email to