Hi Hong, Thursday, October 03, 2002 12:20:42 PM By default all inputs and outputs are closed. Uncomment all what was in ipchains file (/etc/sysconfig/ipchains). I do manually edit ipchains file.
regards, Krishna mailto:[EMAIL PROTECTED] Krishna Shekhar Network Administrator Wiplash Wireless Wednesday, October 2, 2002, 9:06:29 PM , you wrote: HT> I did the followings (198.138.244.0 is local network address), but nfs still HT> does not work. Should I manually modify /etc/sysconfig/ipchains? HT> lan='198.138.244.0/255.255.255.0' HT> ipchains --append input --protocol tcp --source $lan nfs --jump ACCEPT HT> ipchains --append input --protocol udp --source $lan nfs --jump ACCEPT HT> ipchains --append output --protocol tcp --destination $lan nfs --jump ACCEPT HT> ipchains --append output --protocol udp --destination $lan nfs --jump ACCEPT HT> service ipchains save HT> -----Original Message----- HT> From: Anthony E. Greene [mailto:[EMAIL PROTECTED]] HT> Sent: Wednesday, October 02, 2002 1:47 AM HT> To: [EMAIL PROTECTED] HT> Subject: Re: ipchains HT> -----BEGIN PGP SIGNED MESSAGE----- HT> Hash: SHA1 HT> On 01-Oct-2002/16:23 -0400, Hong Tian <[EMAIL PROTECTED]> wrote: >>After installing RedHat 7.3 with Medium Security Level. The nfs is REJECT HT> by >>Ipchains. In order to allow mounting to another server, I need to set up >>with ACCEPT tcp/udp nfs (port 2049). HT> [snip] HT> lan='192.168.0.0/255.255.255.0' HT> ipchains --append input --protocol tcp --source $lan nfs --jump ACCEPT HT> ipchains --append input --protocol udp --source $lan nfs --jump ACCEPT HT> ipchains --append output --protocol tcp --destination $lan nfs --jump ACCEPT HT> ipchains --append output --protocol udp --destination $lan nfs --jump ACCEPT HT> service ipchains save HT> The first line sets the $lan variable to the local network/netmask to HT> restrict NFS connections to your local network. The next 4 lines set the HT> ipchains rules. The last line saves the rules to /etc/sysconfig/ipchains, HT> where they will be read each time the ipchais service is started. HT> Tony HT> - -- HT> Anthony E. Greene <mailto:[EMAIL PROTECTED]%3E> HT> OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D HT> AOL/Yahoo Messenger: TonyG05 HomePage: <http://www.pobox.com/~agreene/> HT> Linux. The choice of a GNU generation <http://www.linux.org/> HT> -----BEGIN PGP SIGNATURE----- HT> Version: GnuPG v1.0.6 (GNU/Linux) HT> Comment: Anthony E. Greene <mailto:[EMAIL PROTECTED]> 0x6C94239D HT> iD8DBQE9mohtpCpg3WyUI50RAgBtAKCvI5BLBkqCkeAxcsHchPLrG5EyhQCcCNTM HT> pUYCdm6ErWWt/WinnpN7Pj8= HT> =988F HT> -----END PGP SIGNATURE----- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list