> My problem is that I am not sure how to resolve this. I have not done
> any configuration with iptables before. In the
> file /etc/sysconfig/iptables are the lines:
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
>
> and there are not any deny lines above these. I think those lines were
> added when I ran system-config-securitylevel-tui. Those are the only
> lines that I can find that mention port 2049 or nfs.
>
> Those lines look to me like they are for accepting incoming connections
> only. Is that correct?
>
> What do I need to do so that I can do the nfs export out of this box?

These lines accept NEW connections. If the connection lags/times out but does not start again as 'new', it may be blocked. You should consider just allowing 2049 from a particular subnet, without other constraints on the packets.

NFS is also a bit like ftp, and likes to play with random ports, which tend to make firewalls angry. You'll want something in /etc/sysconfig/nfs like the following:

STATD_PORT=4000
STATD_OUTGOING_PORT=4004
LOCKD_TCPPORT=4001
LOCKD_UDPPORT=4001
MOUNTD_PORT=4002

Obviously you'll need to salt this to taste, and ensure that ports 4000:4004 are open (in this example) as well in your firewall.

--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
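
Added example, not part of the original message: shell functions that read the pinned ports from /etc/sysconfig/nfs-style text and print subnet-scoped ACCEPT rules with no state match, as the reply suggests. The function names and the subnet 192.0.2.0/24 are assumptions; the port values and chain name are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example, not from the original message.
# Constructed sample: the /etc/sysconfig/nfs settings quoted in the reply.
SAMPLE_NFS_CONF='STATD_PORT=4000
STATD_OUTGOING_PORT=4004
LOCKD_TCPPORT=4001
LOCKD_UDPPORT=4001
MOUNTD_PORT=4002'

# nfs_ports CONF_TEXT PROTO
# Print the sorted, unique ports to open for PROTO (tcp or udp): every valid
# *PORT setting plus nfsd on 2049. lockd has one setting per protocol.
nfs_ports() {
    printf '%s\n' "$1" | awk -F= -v proto="$2" '
        { gsub(/^[ \t]+/, "", $1); gsub(/^[" \t]+|[" \t]+$/, "", $2) }
        $1 == "LOCKD_TCPPORT" && proto != "tcp" { next }
        $1 == "LOCKD_UDPPORT" && proto != "udp" { next }
        # Commented-out, non-numeric and out-of-range values are skipped.
        $1 ~ /^[A-Z_]+PORT$/ && $2 ~ /^[0-9]+$/ &&
            ($2 + 0) >= 1 && ($2 + 0) <= 65535 { print $2 }
        END { print 2049 }' | sort -n -u
}

# nfs_rules CONF_TEXT SUBNET [CHAIN]
# Print rules in /etc/sysconfig/iptables syntax, limited by source subnet
# and with no "-m state" match.
nfs_rules() {
    rules_chain=${3:-RH-Firewall-1-INPUT}
    for rules_proto in tcp udp; do
        for rules_port in $(nfs_ports "$1" "$rules_proto"); do
            printf '%s\n' "-A $rules_chain -s $2 -p $rules_proto -m $rules_proto --dport $rules_port -j ACCEPT"
        done
    done
}

# 192.0.2.0/24 is a placeholder subnet; substitute the NFS clients' network.
nfs_rules "$SAMPLE_NFS_CONF" 192.0.2.0/24
```

The printed lines go in /etc/sysconfig/iptables ahead of any REJECT or DROP rule in the same chain.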