[clue-tech] nfs export and firewall issue

Collins Richey crichey at gmail.com
Sun Oct 1 20:29:47 MDT 2006


On 10/1/06, Ski Dawg <skidawg at skidawg.org> wrote:
> On Sun, 2006-10-01 at 18:05 -0600, Collins Richey wrote:
> > I'll look this up at work on Monday. The default setting for NFS and
> > RPC-related stuff is to use random ports which makes it nearly
> > impossible to allow through a firewall. If you set the right parameters
> > you can tie down the used ports and easily write firewall rules. We
> > have RHEL4 (=CentOS4) systems at work, but I can't remember the
> > parameters without a cheatsheet.
>
> Collins,
>
> Thanks for the offer, but I got it figured out this evening (with some
> help from the CentOS list).
>
> Here is what I needed to do:
> In /etc/sysconfig/nfs:
> STATD_PORT=4000
> STATD_OUTGOING_PORT=4004
> LOCKD_TCPPORT=4001
> LOCKD_UDPPORT=4001
> MOUNTD_PORT=4002
>
> And in the firewall open port 4000:4004 (for above), and then open ports
> 2049 for nfsd and 111 for portmap.
>
> After doing those, that allowed me to mount it on my other system.

Yep, that's pretty much the answer I would have provided you
tomorrow. I just hadn't memorized the details.

So happy you're on the roll.

-- 
Collins Richey
     If you fill your heart with regrets of yesterday and the worries
     of tomorrow, you have no today to be thankful for.
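
A check to run on the server after applying the settings quoted above, as an added example that is not part of the original thread: it compares `rpcinfo -p` output with the ports pinned in /etc/sysconfig/nfs and flags any statd, lockd or mountd registration that the firewall rules would not cover. The function name `check_nfs_ports` and the sample data are constructed for illustration.

```shell
#!/bin/sh
# check_nfs_ports CONF   (reads `rpcinfo -p` output on stdin)
# Prints each RPC registration that is off the port pinned in CONF;
# returns 1 if any were found, 0 otherwise. Added example, hypothetical name.
check_nfs_ports() {
    awk -v conf="$1" '
    BEGIN {
        # Fixed ports named in the thread: nfsd and portmap.
        want["nfs/tcp"] = want["nfs/udp"] = 2049
        want["portmapper/tcp"] = want["portmapper/udp"] = 111
        # Pinned ports come from the KEY=VALUE lines of the sysconfig file.
        while ((getline line < conf) > 0) {
            if (split(line, kv, "=") != 2) continue
            gsub(/"/, "", kv[2])
            if (kv[1] == "STATD_PORT")    want["status/tcp"] = want["status/udp"] = kv[2]
            if (kv[1] == "MOUNTD_PORT")   want["mountd/tcp"] = want["mountd/udp"] = kv[2]
            if (kv[1] == "LOCKD_TCPPORT") want["nlockmgr/tcp"] = kv[2]
            if (kv[1] == "LOCKD_UDPPORT") want["nlockmgr/udp"] = kv[2]
        }
    }
    # Data rows of rpcinfo -p: program vers proto port service
    NF == 5 && $4 ~ /^[0-9]+$/ {
        key = $5 "/" $3
        if (!(key in want)) {
            # A stat/lock/mount daemon with no pinned port gets a random one.
            if ($5 ~ /^(status|mountd|nlockmgr)$/) { print "UNPINNED " key " on port " $4; bad = 1 }
        } else if ($4 + 0 != want[key] + 0) {
            print "DRIFT " key " on port " $4 ", expected " want[key]; bad = 1
        }
    }
    END { exit bad + 0 }
    '
}

# Constructed sample: settings from the thread, with MOUNTD_PORT left out.
sample_conf=$(mktemp)
printf '%s\n' STATD_PORT=4000 LOCKD_TCPPORT=4001 LOCKD_UDPPORT=4001 > "$sample_conf"
check_nfs_ports "$sample_conf" <<'EOF' || echo "some RPC services are not on pinned ports"
   program vers proto   port
    100000    2   tcp    111  portmapper
    100024    1   udp   4000  status
    100021    1   tcp   4001  nlockmgr
    100005    1   udp  32771  mountd
EOF
rm -f "$sample_conf"
```

On a live server the input would be `rpcinfo -p | check_nfs_ports /etc/sysconfig/nfs`. STATD_OUTGOING_PORT is not checked because it is a source port and is not registered with portmap.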


