LinuxQuestions.org


DaneM 05-19-2005 05:24 AM

NFS, Shorewall, Slackware 10, kernel 2.6: can't mount!
 
Hello, everybody!

I'm trying to get NFS running on my Slack 10 box with kernel 2.6.11.8. When I try to mount it from another machine OR the server, I get this:

Code:

</home/dane/tmp>
[root@Orchestrator tmp]$ mount 192.168.1.250:/var/nfs /mnt/nfs
mount: 192.168.1.250:/var/nfs failed, reason given by server: Permission denied

Here is my /etc/exports:

Code:

/var/nfs 192.168.1.0(ro,sync,no_root_squash)
/home/dane 192.168.1.0(ro,sync,no_root_squash)
/mnt/cdrom 192.168.1.0(ro,sync,no_root_squash)

Here is /etc/hosts.allow:

Code:

rpc.lockd: 192.168.1.0
rpc.rquotad: 192.168.1.0
rpc.mountd: 192.168.1.0
rpc.statd: 192.168.1.0
rpc.portmap: 192.168.1.0/255.255.255.0

/etc/hosts.deny:

Code:

rpc.portmap:ALL
rpc.lockd:ALL
rpc.mountd:ALL
rpc.quotad:ALL
rpc.statd:ALL

rpcinfo gives me this:

Code:

</home/dane/tmp>
[root@Orchestrator tmp]$ rpcinfo -p
  program vers proto  port
    100000    2  tcp    111  portmapper
    100000    2  udp    111  portmapper
    100011    1  udp    771  rquotad
    100011    2  udp    771  rquotad
    100011    1  tcp    774  rquotad
    100011    2  tcp    774  rquotad
    100003    2  udp  2049  nfs
    100003    3  udp  2049  nfs
    100005    1  udp  32767  mountd
    100005    1  tcp  32767  mountd
    100005    2  udp  32767  mountd
    100021    1  udp  32772  nlockmgr
    100005    2  tcp  32767  mountd
    100021    3  udp  32772  nlockmgr
    100005    3  udp  32767  mountd
    100021    4  udp  32772  nlockmgr
    100005    3  tcp  32767  mountd
    100024    1  udp  32765  status
    100024    1  tcp  32765  status

Here is my firewall configuration (/etc/shorewall/rules):

Code:

    #ACTION  SOURCE        DEST            PROTO  DEST    SOURCE    ORIGINAL    RATE            USER/
    #                                              PORT    PORT(S)    DEST        LIMIT          GROUP
    AllowPing      loc    fw
    AllowPing      loc    net
    AllowSMB        loc    fw
    AllowSMB        fw      loc
    #The next 2 lines are for NFS.  :32768 ?
    ACCEPT          loc    fw              tcp    32765:32780,2049,111
    ACCEPT          loc    fw              udp    32765:32780,2049,111
    AllowPing      fw      loc
    #ACCEPT        loc    fw
    #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

I have all of my daemons except for lockd pinned down to the ports specified (do you know how to pin down lockd to a port?).

I can ping both machines OK.

I'll be truly grateful for any help you give me.

Thanks!

--Dane

P.S. I found this in my /proc/fs/nfs/exports, which refuses to match /etc/exports no matter how many times I run "exportfs -var".

Code:

/home/dane      192.168.1.0(ro,root_squash,sync,wdelay)
/var/nfs        192.168.1.0(ro,root_squash,sync,wdelay)


PDock 05-19-2005 08:58 AM

To export to all PCs on a LAN, I use this format:

Code:

/var/nfs 192.168.1.0/255.255.255.0(ro,sync,no_root_squash)
/home/dane 192.168.1.0/255.255.255.0(ro,sync,no_root_squash)
/mnt/cdrom 192.168.1.0/255.255.255.0(ro,sync,no_root_squash)

Other than the above: unplug the internet cable, start with just NFS, add tcpwrappers, add the firewall, then replug.

ppd
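
Added example, not part of either poster's message: a small Python check of why the two /etc/exports forms in this thread behave differently. Per exports(5), an address with no netmask names a single host, so `192.168.1.0` covers only that one address, while `192.168.1.0/255.255.255.0` covers the subnet. The client address 192.168.1.20 and the function names are assumptions made for the example.

```python
import ipaddress

# Constructed sample input: the two /etc/exports forms shown in the thread.
ORIGINAL = "/var/nfs 192.168.1.0(ro,sync,no_root_squash)\n"
WITH_MASK = "/var/nfs 192.168.1.0/255.255.255.0(ro,sync,no_root_squash)\n"

def parse_exports(text):
    """Yield (path, client_spec, [options]) for every client on every line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        path, *clients = line.split()
        for client in clients:
            spec, _, opts = client.partition("(")
            options = [o for o in opts.rstrip(")").split(",") if o]
            yield path, spec, options

def spec_covers(spec, client_ip):
    """True if an address or address/netmask specifier covers client_ip.
    Hostnames, wildcards and netgroups are not handled (returns False)."""
    try:
        net = ipaddress.ip_network(spec, strict=False)
    except ValueError:
        return False
    return ipaddress.ip_address(client_ip) in net

def audit(text, client_ip):
    """Report, per export, whether client_ip is covered and what looks wrong."""
    findings = []
    for path, spec, options in parse_exports(text):
        notes = []
        if "/" not in spec and spec.endswith(".0") and spec_covers(spec, spec):
            notes.append("network address without netmask: matches one host only")
        if "no_root_squash" in options:
            notes.append("no_root_squash: client root is not mapped to nobody")
        findings.append({"path": path, "spec": spec,
                         "allowed": spec_covers(spec, client_ip), "notes": notes})
    return findings

if __name__ == "__main__":
    # 192.168.1.20 is a constructed client address on the LAN.
    for label, text in (("original", ORIGINAL), ("with mask", WITH_MASK)):
        for finding in audit(text, "192.168.1.20"):
            print(label, finding)
```
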

DaneM 05-23-2005 02:38 AM

Thanks for the reply, pdock!

I've since managed to get it working on that box. (Emerde was messing with my config files.) Your suggestion about adding the subnet mask was a big help too. I also found an article on how to pin down lockd to a specific port (more or less). It'll start at the specified port and go up each time the service is restarted.

http://forums.gentoo.org/viewtopic-t...rewalling.html

Thanks for the help.

--Dane

