[gentoo-user] [OT] NFS through a firewall

Roger Mason Fri, 11 Apr 2008 07:15:56 -0700

Hello,

I'm trying to configure the firewall on a client to allow that client
to mount an nfs directory.  The client runs a netfilter firewall, the
server uses tcpwrapper.


rpcinfo -p on the server shows:

beryl rmason # rpcinfo -p
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32765  status
    100024    1   tcp  32765  status
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100021    1   udp   4001  nlockmgr
    100021    3   udp   4001  nlockmgr
    100021    4   udp   4001  nlockmgr
    100021    1   tcp   4001  nlockmgr
    100021    3   tcp   4001  nlockmgr
    100021    4   tcp   4001  nlockmgr
    100005    1   udp  32767  mountd
    100005    1   tcp  32767  mountd
    100005    2   udp  32767  mountd
    100005    2   tcp  32767  mountd
    100005    3   udp  32767  mountd
    100005    3   tcp  32767  mountd

When I try to mount the exported directory when the firewall is
running I get a timeout:

minnie ~ $ mount -v Help/
mount: trying 134.153.37.5 prog 100003 vers 3 prot tcp port 2049
mount: trying 134.153.37.5 prog 100005 vers 3 prot udp port 32767
mount: mount to NFS server 'beryl.esd.mun.ca' failed: timed out
(retrying).

If I drop the client firewall the mount succeeds.

Can someone help me figure out what must be put in my iptables script
to get this to work?

Thanks,
Roger
-- 
gentoo-user@lists.gentoo.org mailing list

[gentoo-user] [OT] NFS through a firewall

Reply via email to