LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   SuSE 10.3 NFS Firewall Settings (https://www.linuxquestions.org/questions/linux-server-73/suse-10-3-nfs-firewall-settings-676623/)

dcasper 10-15-2008 05:39 PM
SuSE 10.3 NFS Firewall Settings
 
I've checked for similar posts but they don't have quite what I'm after. This is the situation:

I have two servers running SuSE 10.3 on different networks. I want to be able to mount an NFS Share from Server1 on Server2 so that I can copy backups to Server1.

I opened ports 2049 and 111 on my firewall to the network that Server2 resides in, but still cannot connect. When trying to do so the request times out 4 - 5 times and then fails.

If I expand my open port range to include all ports when the request comes from Server2's network then I can mount the shares, but I don't want to leave all ports open.

Is there a convenient way to determine which ports NFS is using so I can selectively open them? Below is my result from rpcinfo -p:
Code:
pp-colo:/bkp/backups # rpcinfo -p
  program vers proto  port
    100000    2  tcp    111  portmapper
    100000    2  udp    111  portmapper
    100003    2  udp  2049  nfs
    100003    3  udp  2049  nfs
    100003    4  udp  2049  nfs
    100021    1  udp  17139  nlockmgr
    100021    3  udp  17139  nlockmgr
    100021    4  udp  17139  nlockmgr
    100003    2  tcp  2049  nfs
    100003    3  tcp  2049  nfs
    100003    4  tcp  2049  nfs
    100021    1  tcp  20209  nlockmgr
    100021    3  tcp  20209  nlockmgr
    100021    4  tcp  20209  nlockmgr
    100005    1  udp  17140  mountd
    100005    1  tcp  14594  mountd
    100005    2  udp  17140  mountd
    100005    2  tcp  14594  mountd
    100005    3  udp  17140  mountd
    100005    3  tcp  14594  mountd
    100024    1  udp  17141  status
    100024    1  tcp  14291  status
I initially (incorrectly) guessed that I could fix the troubles by adding each of the ports listed here to my list of open ports on the firewall, but that didn't fix the problem and then when I later restarted NFS on Server1 the ports changed anyway, so that's not the ticket.

Any advice would be great and I'm happy to post any other info if it helps. Thanks in advance,

--Dan

zmanea 10-15-2008 10:53 PM
netstat -anp will give you info on what ports applications are using.


All times are GMT -5. The time now is 09:50 AM.