On Thu, Sep 13, 2007 at 03:22:39PM -0500, Chuck Campbell enlightened us:
> I've got a newly installed CentOS 5.0 box, planned to replace an ageing server (Solaris box). I've set up the NFS shares, but the other Solaris boxes won't mount them unless I turn off iptables on the CentOS box. If I do that, they mount, and all operations tested to date work fine.
> Iptables is allowing the 2049 tcp and udp ports already. What else needs to be opened up in iptables for NFS to work through the firewall?
> I looked at the RHEL system admin guide on NFS and found nothing useful.
I set the following in /etc/sysconfig/nfs (probably doesn't exist):
STATD_PORT=4000
LOCKD_TCPPORT=4001
LOCKD_UDPPORT=4001
MOUNTD_PORT=4002
Then in iptables, I allow 4000-4002 on both TCP and UDP. I'm not positive which protocol STATD and MOUNTD use - possibly both, but it seems to work for me (along with allowing 2049 through).
Matt
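
A way to check the setup described in the reply above, added here as an example and not part of the original thread: after restarting NFS, `rpcinfo -p` on the server lists the protocol and port each RPC service actually registered, which shows whether the pinned ports took effect and which protocols each daemon uses. The function names, the `INPUT` chain, the 192.0.2.0/24 client network and the sample `rpcinfo -p` output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `rpcinfo -p` output on the server after restarting NFS
# with the pinned ports from the message above (not captured from a real host).
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp   4000  status
    100024    1   tcp   4000  status
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100021    4   udp   4001  nlockmgr
    100021    4   tcp   4001  nlockmgr
    100005    3   udp   4002  mountd
    100005    3   tcp   4002  mountd
EOF
}

# Print every service whose registered port differs from the pinned one.
# Empty output means each daemon honoured /etc/sysconfig/nfs.
check_pinned() {
    awk 'BEGIN { want["status"] = 4000; want["nlockmgr"] = 4001
                 want["mountd"] = 4002; want["nfs"] = 2049 }
         NR > 1 && ($5 in want) && $4 != want[$5] && !seen[$5, $3, $4]++ {
             printf "%s/%s on %s, expected %s\n", $5, $3, $4, want[$5] }'
}

# Emit one iptables rule per distinct proto/port pair that is registered.
# $1 = chain (assumed INPUT), $2 = client network (placeholder range).
emit_rules() {
    awk -v chain="${1:-INPUT}" -v src="${2:-192.0.2.0/24}" '
        NR > 1 && !seen[$3, $4]++ {
            printf "iptables -A %s -s %s -p %s --dport %s -j ACCEPT\n",
                   chain, src, $3, $4 }'
}

# Stand-alone run on the constructed sample; on a real server, pipe
# `rpcinfo -p` into the two functions instead of sample_rpcinfo.
sample_rpcinfo | check_pinned
sample_rpcinfo | emit_rules INPUT 192.0.2.0/24
```

A service that reports a port outside 4000-4002 after the restart means its setting was not picked up, and the firewall rules for that daemon would not match.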