Hi all
After browsing through the site and Google, I cannot solve my problem.
I am using CentOS release 4.6 (Final) with iptables configured with system-config-security. I want to use an NFS server.
With the firewall disabled, everything just works fine.
In system-config-security I then click ssh and http, and add the following in the other ports box:
nfs:tcp, nfs:udp, ntp:tcp, ntp:udp, 1055:tcp
where port 1055 is for a license manager for a piece of software.
This gives me the following file:
Quote:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1055 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 123 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
When I try to mount a volume on another machine, I get:
Quote:
mount.nfs: mount to NFS server 'rpcbind' failed: System Error: No route to host
mount.nfs: mount to NFS server 'rpcbind' failed: System Error: No route to host
mount.nfs: internal error
I then found on the site that I need to allow the rpcbind port, which is 111/tcp.
When adding it to the other ports and trying to mount the volume, the machine on which I tried to mount the volume just hangs and I need to Ctrl+C to get a prompt back.
With nmap -p 2049 server, I get:
PORT STATE SERVICE
2049/tcp open nfs
which is the same as when the firewall is off (iptables stop).
Another strange thing is that sshd and httpd work whether the firewall is up or down.
My licensing server on port 1055 (flexlm) and my NFS only work when the firewall is down.
Does anyone know what is happening?
Btw, I tried rebooting.
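
As an added example (not part of the original post): a Python check that compares the port ACCEPT rules from the posted ruleset with `rpcinfo -p` output from the NFS server and lists the RPC services whose ports the chain would reject. The `rpcinfo` table is constructed; mountd, nlockmgr and status register with the portmapper on ports that are not fixed by default, so the real numbers will differ.

```python
import re

# NEW-state ACCEPT rules copied from the RH-Firewall-1-INPUT chain in the post.
RULES = """\
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1055 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 123 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
"""

# Constructed `rpcinfo -p` output; ports other than 111 and 2049 are made up.
RPCINFO = """\
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100005    3   udp    835  mountd
    100005    3   tcp    838  mountd
    100021    4   udp  32771  nlockmgr
    100021    4   tcp  32772  nlockmgr
    100024    1   udp  32768  status
    100024    1   tcp  32769  status
"""

def accepted_ports(rules):
    """Return {(proto, port)} for each '-p PROTO ... --dport N -j ACCEPT' rule."""
    allowed = set()
    for line in rules.splitlines():
        proto = re.search(r"-p (tcp|udp)\b", line)
        port = re.search(r"--dport (\d+)\b", line)
        if proto and port and line.rstrip().endswith("-j ACCEPT"):
            allowed.add((proto.group(1), int(port.group(1))))
    return allowed

def blocked_rpc_services(rpcinfo, allowed):
    """Return sorted (service, proto, port) registered with the portmapper but not accepted."""
    blocked = set()
    for line in rpcinfo.splitlines():
        f = line.split()  # program, version, proto, port, service name
        if len(f) == 5 and f[0].isdigit() and (f[2], int(f[3])) not in allowed:
            blocked.add((f[4], f[2], int(f[3])))
    return sorted(blocked)

print(blocked_rpc_services(RPCINFO, accepted_ports(RULES)))
```

Running `rpcinfo -p` on the NFS server itself gives the real table to pass in place of the constructed one.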