Re: [CentOS] firewalled NFS
of course...

On Wed, Jun 4, 2008 at 8:28 PM, mouss <[EMAIL PROTECTED]> wrote:
> Jordi Prats wrote:
>>
>> I've no iptables, I'm using a PIX to firewall them :)
>>
>
> did you open the ports on the pix?
>
>> On Wed, Jun 4, 2008 at 1:53 AM, Jay Leafey <[EMAIL PROTECTED]> wrote:
>>
>>> Jordi Prats wrote:
>>>
>>>> Hi,
>>>> I'm trying to setup a firewalled NFS server. I've configured my server
>>>> (CentOS 5) using the following parameters
>>>> /etc/sysconfig/nfs
>>>> MOUNTD_NFS_V1="no"
>>>> MOUNTD_NFS_V2="no"
>>>> RQUOTAD_PORT=875
>>>> LOCKD_TCPPORT=32803
>>>> LOCKD_UDPPORT=32769
>>>> RPCNFSDCOUNT=64
>>>> MOUNTD_PORT=892
>>>> STATD_PORT=662
>>>> STATD_OUTGOING_PORT=2020
>>>> SECURE_NFS="yes"
>>>>
>>>> modprobe.conf:
>>>> options lockd nlm_udpport=4001 nlm_tcpport=4001
>>>>
>>>> But it does not mount it:
>>>> # mount 172.20.0.150:/tmp/ /mnt/tmp/
>>>> mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).
>>>>
>>>> There's anything else I must setup to use fixed ports ?
>>>>
>>>> Thanks,
>>>
>>> It may be an obvious question, but did you open the ports in iptables? I use
>>> a similar scheme on my NFS servers to "fix" the ports and it just doesn't
>>> work at ALL unless those ports are opened up in iptables. I use different
>>> ports, but here's the lines I inserted into my /etc/sysconfig/iptables file
>>> to get NFS working on the server:
>>>
>>>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>>>> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>>>
>>> You'll have to alter the '--dports' and '-s' parameters to match the ports
>>> and IP address range you are using.
>>>
>>> Hope that helps!
>>> --
>>> Jay Leafey - Memphis, TN
>>> [EMAIL PROTECTED]

--
Jordi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalled NFS
I've no iptables, I'm using a PIX to firewall them :)

On Wed, Jun 4, 2008 at 1:53 AM, Jay Leafey <[EMAIL PROTECTED]> wrote:
> Jordi Prats wrote:
>>
>> Hi,
>> I'm trying to setup a firewalled NFS server. I've configured my server
>> (CentOS 5) using the following parameters
>> /etc/sysconfig/nfs
>> MOUNTD_NFS_V1="no"
>> MOUNTD_NFS_V2="no"
>> RQUOTAD_PORT=875
>> LOCKD_TCPPORT=32803
>> LOCKD_UDPPORT=32769
>> RPCNFSDCOUNT=64
>> MOUNTD_PORT=892
>> STATD_PORT=662
>> STATD_OUTGOING_PORT=2020
>> SECURE_NFS="yes"
>>
>> modprobe.conf:
>> options lockd nlm_udpport=4001 nlm_tcpport=4001
>>
>> But it does not mount it:
>> # mount 172.20.0.150:/tmp/ /mnt/tmp/
>> mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).
>>
>> There's anything else I must setup to use fixed ports ?
>>
>> Thanks,
>
> It may be an obvious question, but did you open the ports in iptables? I use
> a similar scheme on my NFS servers to "fix" the ports and it just doesn't
> work at ALL unless those ports are opened up in iptables. I use different
> ports, but here's the lines I inserted into my /etc/sysconfig/iptables file
> to get NFS working on the server:
>
>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>
> You'll have to alter the '--dports' and '-s' parameters to match the ports
> and IP address range you are using.
>
> Hope that helps!
> --
> Jay Leafey - Memphis, TN
> [EMAIL PROTECTED]

--
Jordi
[CentOS] firewalled NFS
Hi,
I'm trying to set up a firewalled NFS server. I've configured my server
(CentOS 5) using the following parameters:

/etc/sysconfig/nfs
MOUNTD_NFS_V1="no"
MOUNTD_NFS_V2="no"
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
RPCNFSDCOUNT=64
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
SECURE_NFS="yes"

modprobe.conf:
options lockd nlm_udpport=4001 nlm_tcpport=4001

But it does not mount it:
# mount 172.20.0.150:/tmp/ /mnt/tmp/
mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).

Is there anything else I must set up to use fixed ports?

Thanks,

--
Jordi
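Added example, not part of the thread: the posted configuration pins the lockd ports in two places with different values (32803/32769 in /etc/sysconfig/nfs, 4001 in modprobe.conf), so the ports opened on the firewall should be taken from what the server actually registered with the portmapper. The sketch below compares `rpcinfo -p` style output against the pinned values; `check_ports` and `firewall_ports` are hypothetical helper names, and both inputs are constructed samples that make no claim about which setting wins on a real CentOS 5 host.

```shell
#!/bin/sh
# Added example, not from the thread. Both inputs are constructed samples.
SYSCONFIG='RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662'
# Constructed `rpcinfo -p` output in which nlockmgr is on 4001, not 32803/32769.
RPCINFO='   program vers proto   port
    100000    2   tcp    111  portmapper
    100024    1   udp    662  status
    100024    1   tcp    662  status
    100011    1   udp    875  rquotad
    100003    3   tcp   2049  nfs
    100021    1   udp   4001  nlockmgr
    100021    3   udp   4001  nlockmgr
    100021    1   tcp   4001  nlockmgr
    100005    3   udp    892  mountd
    100005    3   tcp    892  mountd'
# check_ports SYSCONFIG_TEXT RPCINFO_TEXT (hypothetical helper): print one
# MISMATCH line per service/proto registered on a port other than the pinned one.
check_ports() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk '
        /^---$/ { in_rpc = 1; next }
        !in_rpc {                       # KEY=VALUE lines of the sysconfig file
            split($0, kv, "="); gsub(/"/, "", kv[2]); cfg[kv[1]] = kv[2]; next
        }
        $1 ~ /^[0-9]+$/ {               # rpcinfo rows: program vers proto port name
            proto = $3; port = $4; svc = $5; want = ""
            if (svc == "portmapper")    want = "111"
            else if (svc == "nfs")      want = "2049"
            else if (svc == "status")   want = cfg["STATD_PORT"]
            else if (svc == "rquotad")  want = cfg["RQUOTAD_PORT"]
            else if (svc == "mountd")   want = cfg["MOUNTD_PORT"]
            else if (svc == "nlockmgr") want = cfg[(proto == "tcp") ? "LOCKD_TCPPORT" : "LOCKD_UDPPORT"]
            key = svc "/" proto
            if (want != "" && (port "") != (want "") && !(key in seen)) {
                seen[key] = 1
                print "MISMATCH " key " registered=" port " expected=" want
            }
        }'
}

# firewall_ports RPCINFO_TEXT (hypothetical helper): unique proto/port pairs
# the firewall in front of the server has to pass for these services.
firewall_ports() {
    printf '%s\n' "$1" | awk '$1 ~ /^[0-9]+$/ { print $3 "/" $4 }' | sort -u
}
check_ports "$SYSCONFIG" "$RPCINFO"
```

On a real server the two arguments would be `"$(cat /etc/sysconfig/nfs)"` and `"$(rpcinfo -p)"`; an empty result means every registered service is on the port the firewall rules were written for.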
[CentOS] loopback network device
Hi all,

Is it possible to create an alias of a device? Something like a device loN
such that all its traffic is sent to ethN, so ethN and loN are equivalent.

It's for a bridged setup, I'm not trying to set up another IP on a device.

Thanks!

Jordi

--
Jordi Prats
Dept. de Sistemes
Centre de Supercomputació de Catalunya
Gran Capità, 2-4 (Edifici Nexus) · 08034 Barcelona
T. 93 205 6464 · F. 93 205 6979 · [EMAIL PROTECTED]