Re: [CentOS] firewalled NFS

2008-06-05 Thread Jordi Prats
of course...

On Wed, Jun 4, 2008 at 8:28 PM, mouss <[EMAIL PROTECTED]> wrote:
> Jordi Prats wrote:
>>
>> I've no iptables, I'm using a PIX to firewall them :)
>>
>
> did you open the ports on the pix?
>
>> On Wed, Jun 4, 2008 at 1:53 AM, Jay Leafey <[EMAIL PROTECTED]>
>> wrote:
>>
>>>
>>> Jordi Prats wrote:
>>>
>>>>
>>>> Hi,
>>>> I'm trying to setup a firewalled NFS server. I've configured my server
>>>> (CentOS 5) using the following parameters
>>>> /etc/sysconfig/nfs
>>>> MOUNTD_NFS_V1="no"
>>>> MOUNTD_NFS_V2="no"
>>>> RQUOTAD_PORT=875
>>>> LOCKD_TCPPORT=32803
>>>> LOCKD_UDPPORT=32769
>>>> RPCNFSDCOUNT=64
>>>> MOUNTD_PORT=892
>>>> STATD_PORT=662
>>>> STATD_OUTGOING_PORT=2020
>>>> SECURE_NFS="yes"
>>>>
>>>>
>>>> modprobe.conf:
>>>> options lockd nlm_udpport=4001 nlm_tcpport=4001
>>>>
>>>>
>>>> But it does not mount it:
>>>> # mount 172.20.0.150:/tmp/ /mnt/tmp/
>>>> mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).
>>>>
>>>> There's anything else I must setup to use fixed ports ?
>>>>
>>>> Thanks,
>>>>
>>>
>>> It may be an obvious question, but did you open the ports in iptables? I
>>> use
>>> a similar scheme on my NFS servers to "fix" the ports and it just doesn't
>>> work at ALL unless those ports are opened up in iptables.  I use
>>> different
>>> ports, but here's the lines I inserted into my /etc/sysconfig/iptables
>>> file
>>> to get NFS working on the server:
>>>
>>>
>>>>
>>>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp
>>>> -s
>>>> 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>>>> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp
>>>> -s
>>>> 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>>>>
>>>
>>> You'll have to alter the '--dports' and '-s' parameters to match the
>>> ports
>>> and IP address range you are using.
>>>
>>> Hope that helps!
>>> --
>>> Jay Leafey - Memphis, TN
>>> [EMAIL PROTECTED]
>>>
>>> ___
>>> CentOS mailing list
>>> CentOS@centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>
>>>
>>>
>>
>>
>>
>>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
Jordi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] firewalled NFS

2008-06-04 Thread Jordi Prats
I've no iptables, I'm using a PIX to firewall them :)

On Wed, Jun 4, 2008 at 1:53 AM, Jay Leafey <[EMAIL PROTECTED]> wrote:
> Jordi Prats wrote:
>>
>> Hi,
>> I'm trying to setup a firewalled NFS server. I've configured my server
>> (CentOS 5) using the following parameters
>> /etc/sysconfig/nfs
>> MOUNTD_NFS_V1="no"
>> MOUNTD_NFS_V2="no"
>> RQUOTAD_PORT=875
>> LOCKD_TCPPORT=32803
>> LOCKD_UDPPORT=32769
>> RPCNFSDCOUNT=64
>> MOUNTD_PORT=892
>> STATD_PORT=662
>> STATD_OUTGOING_PORT=2020
>> SECURE_NFS="yes"
>>
>>
>> modprobe.conf:
>> options lockd nlm_udpport=4001 nlm_tcpport=4001
>>
>>
>> But it does not mount it:
>> # mount 172.20.0.150:/tmp/ /mnt/tmp/
>> mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).
>>
>> There's anything else I must setup to use fixed ports ?
>>
>> Thanks,
>
> It may be an obvious question, but did you open the ports in iptables? I use
> a similar scheme on my NFS servers to "fix" the ports and it just doesn't
> work at ALL unless those ports are opened up in iptables.  I use different
> ports, but here's the lines I inserted into my /etc/sysconfig/iptables file
> to get NFS working on the server:
>
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp -s
>> 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp -s
>> 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>
> You'll have to alter the '--dports' and '-s' parameters to match the ports
> and IP address range you are using.
>
> Hope that helps!
> --
> Jay Leafey - Memphis, TN
> [EMAIL PROTECTED]
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>



-- 
Jordi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] firewalled NFS

2008-06-03 Thread Jordi Prats
Hi,
I'm trying to setup a firewalled NFS server. I've configured my server
(CentOS 5) using the following parameters
/etc/sysconfig/nfs
MOUNTD_NFS_V1="no"
MOUNTD_NFS_V2="no"
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
RPCNFSDCOUNT=64
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
SECURE_NFS="yes"


modprobe.conf:
options lockd nlm_udpport=4001 nlm_tcpport=4001


But it does not mount it:
# mount 172.20.0.150:/tmp/ /mnt/tmp/
mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).

There's anything else I must setup to use fixed ports ?

Thanks,
-- 
Jordi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] loopback network device

2008-02-01 Thread Jordi Prats

Hi all,
It's possible to create an alias of a device? Something like a device 
loN that all it's traffic is send to ethN, so ethN and loN are equivalent.


It's for a bridged setup, i'm not trying to setup another IP on a device.

Thanks!
Jordi

--
..
__
   / /  Jordi Prats
 C E / S / C A  Dept. de Sistemes
 /_/Centre de Supercomputació de Catalunya

 Gran Capità, 2-4 (Edifici Nexus) · 08034 Barcelona
 T. 93 205 6464 · F.  93 205 6979 · [EMAIL PROTECTED]
.. 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos