Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
thanks so much for the help...this worked!!! Should i then assume that if i'm running
a pop3 server on this box that i should do the same with port: 110????
Quite. I am not really clear why you add '--state NEW,ESTABLISHED' since that's mainly the two types there are of "packet types". I would strongly suggest that you also limit the incoming packets to the IP:s which should hjave the ability to fetch files to you computer.
That you can do with the '-s' flag in iptables. Example:
where 192.168.0.97 is the computer which should be allowed to connect to 's'. In /etc/services it was also stated that NFS used the udp-protocol aswell. Therefore you should add at least:
aswell. I don't know about the other two ports...do a search on the internet, and also if NFS doesn't work properly try to open those ports aswell...
Regards,
Jens
PS. Also if you can specify something like '192.168.0.0/24' which means '192.168.0.*' in iptables. For some info on NFS, you can look here: http://www.ecst.csuchico.edu/~dranch...tyOS-c-40.html
i found the page thrue google. DS.
Ztyx....your last host worked real well for one of my servers to nfs to another....but when trying the
same with a different nfs server it isn't working....
any suggestion on how to look for the reason why the EXACT replica of iptables won't work?? ie.
logging info?
I've check /etc/hosts.allow and /etc/exports and run: exportfs -a ...all the same on the one that isn't
working....
zepp
EDIT:
uname -a for server that it works on:
Linux server 2.4.22-1.2188.nptl #1 Wed Apr 21 20:35:41 EDT 2004 i686 athlon i386 GNU/Linux
uname -a for server it does NOT work on:
Linux server2 2.4.22-1.2197.nptl #1 Thu Jul 1 15:28:56 EDT 2004 i686 athlon i386 GNU/Linux
could the kernel difference be causing this????
Last edited by zepplin611; 07-18-2004 at 10:36 PM.
I don't know. You could try to open up the firewall totally once just to be sure that the firewall is not the problem. Have you checked logfiles? There should be a NFS module loaded into the kernel, but I guess the nfs daemon wouldn't start if that module wasn't there...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.