LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 05-01-2009, 07:03 AM   #1
danielmesserli
LQ Newbie
 
Registered: Apr 2008
Distribution: Fedora 8
Posts: 5

Rep: Reputation: 0
Exclamation NFS and firewall in Fedora 8 environment


Hi all,
1 Can somebody explain the difference between PORTMAP and RPCbind ?
2 When I disable IPtables from the command line, then NFS functions
normally BUT
3 When (with IPtables started) I configure the firewall from the GUI tool (System --> Administration --> Firewall) to allow NFS as trusted service, and this is done of BOTH client and NFS server machine) then I get the famous " no route to host " error.

Then I am also unsure how NFS works in Fedora 8... is RPCbind something new or what is it ?
Do the nfs ports have to configured as static ?

I have read and looked around for docs and howto's etc. but I can not find any explanations or clear directives regarding this issue.

Can you please help ?

Thanks.
dan
 
Old 05-01-2009, 11:56 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
nfs uses dynamic port allocation from portmap to decide which ports to use between the client and the server. This is no use if you want to firewall it without a lot of complexity.if you edit /etc/sysconfig/nfs and uncomment various lines there you can assign fixed ports which you can directly open up in iptables.
 
Old 05-02-2009, 04:31 PM   #3
danielmesserli
LQ Newbie
 
Registered: Apr 2008
Distribution: Fedora 8
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks acid_kewpie for your reply.
Sorry if I sound a bit dumb, but I don't understand the difference between PORTMAP and RPCbind. Are they two completely different technologies implementations which Fedora chose to switch (cuz used to be portmap before Fedora 7) or is it the same darn thing with just a fancy name change ... and do I have to edit the /etc/hosts.allow and hosts.deny with RPCbind the same way I would done as I used to do with PortMap ?
What would the exact syntax then be for RPCbind ?
chhers,
 
Old 05-03-2009, 03:14 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
They basically just changed the name from what I believe. Can't remember the exact stoy, but it's the same role it plays.

you wouldn't need to edits hosts.allow or anything, just the /etc/sysconfig/nfs file as I stated above.
 
  


Reply

Tags
fedora, nfs, portmap


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
NFS and firewall in Fedora 8 environment danielmesserli Linux - Newbie 6 12-07-2012 07:11 PM
File integrity in Samba/NFS environment lqtim Linux - General 2 01-05-2009 05:22 PM
File integrity in Samba/NFS environment lqtim Linux - Software 1 01-04-2009 03:23 PM
File integrity in Samba/NFS environment lqtim Linux - Server 1 01-04-2009 03:22 PM
what nfs performance considerations are there for lamp environment globaltree Linux - Enterprise 1 01-07-2008 01:09 PM


All times are GMT -5. The time now is 09:14 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration