LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   NFS vs. Shorewall conflict (should be easy to solve - :newbie: here) (https://www.linuxquestions.org/questions/linux-security-4/nfs-vs-shorewall-conflict-should-be-easy-to-solve-newbie-here-177829/)

perry 05-04-2004 03:13 PM

NFS vs. Shorewall conflict (should be easy to solve - :newbie: here)
 
** duplicate post - i'm sorry but it's an easy question yet there's two places 4 it **
(take a guess where the other is)

Ok, i can get NFS to share read-only directories between two Mandrake Linux machines over a LinkSys box. However to do so, I have to turn off Shorewall, effectively leaving me wide open for Firewall protection....

What parameters do I supply Shorewall with to allow NFS to operate and is this a bad thing ?

thanks a bunch

- perry

mrcheeks 05-04-2004 04:00 PM

i never used nfs but i use shorewall on linux. You have to locate the shorewall rules file on your distro and allow nfs's tcp/udp ports. I am running bsd right now so i can't show you examples but you can find some on shorewall.net i think.

kebabhead 05-04-2004 05:05 PM

nfs firewall
 
Hi,
You may find this link: http://www.lowth.com/LinWiz/nfs_help.html
Helpfull in setting up static ports...
Cheers

iainr 05-05-2004 04:57 PM

Here's a quick summary for Mandrake (not the only way to do it, but one way)

1. Edit /etc/sysconfig/nfs, setting the following variables :
MOUNTD_PORT=4002
LOCKD_TCPPORT=4001
LOCKD_UDPPORT=4001
STATD_PORT=4000

2. Open up the following firewall ports
111/udp 111/tcp 2049/udp 2049/tcp 4000/udp 4000/tcp 4001/udp 4001/tcp 4002/udp 4002/tcp

3. Restart NFS
/etc/init.d/nfs restart
/etc/init.d/nfslock restart

(Tested on Mandrake 10, so I can't guarantee it works on 9.1; but if not it will just be a matter of where those variables are set).


All times are GMT -5. The time now is 12:04 PM.