Jordi Prats wrote:
> I've no iptables, I'm using a PIX to firewall them :)
>
did you open the ports on the pix?

> On Wed, Jun 4, 2008 at 1:53 AM, Jay Leafey <jay.leafey at mindless.com> wrote:
>
>> Jordi Prats wrote:
>>
>>> Hi,
>>> I'm trying to setup a firewalled NFS server. I've configured my server
>>> (CentOS 5) using the following parameters
>>> /etc/sysconfig/nfs
>>> MOUNTD_NFS_V1="no"
>>> MOUNTD_NFS_V2="no"
>>> RQUOTAD_PORT=875
>>> LOCKD_TCPPORT=32803
>>> LOCKD_UDPPORT=32769
>>> RPCNFSDCOUNT=64
>>> MOUNTD_PORT=892
>>> STATD_PORT=662
>>> STATD_OUTGOING_PORT=2020
>>> SECURE_NFS="yes"
>>>
>>>
>>> modprobe.conf:
>>> options lockd nlm_udpport=4001 nlm_tcpport=4001
>>>
>>>
>>> But it does not mount it:
>>> # mount 172.20.0.150:/tmp/ /mnt/tmp/
>>> mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).
>>>
>>> There's anything else I must setup to use fixed ports ?
>>>
>>> Thanks,
>>>
>> It may be an obvious question, but did you open the ports in iptables? I use
>> a similar scheme on my NFS servers to "fix" the ports and it just doesn't
>> work at ALL unless those ports are opened up in iptables. I use different
>> ports, but here's the lines I inserted into my /etc/sysconfig/iptables file
>> to get NFS working on the server:
>>
>>
>>> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>>> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
>>>
>> You'll have to alter the '--dports' and '-s' parameters to match the ports
>> and IP address range you are using.
>>
>> Hope that helps!
>> --
>> Jay Leafey - Memphis, TN
>> jay.leafey at mindless.com
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
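
The port-fixing scheme discussed in the thread, as an added example that is not part of the original messages: a POSIX shell script that reads an /etc/sysconfig/nfs-style file and prints the listener ports as rules in the RH-Firewall-1-INPUT form quoted above. The function names and temp-file handling are hypothetical; it assumes lockd really uses the LOCKD_* values from that file, and it always includes 111 (portmapper) and 2049 (nfsd), as the quoted rules do.

```shell
#!/bin/sh
# Added example: derive firewall rules from the fixed ports in a sysconfig/nfs file.

# Print the comma-separated listener ports for one protocol (tcp or udp).
# 111 (portmapper) and 2049 (nfsd) are always included.
nfs_ports() {
    proto=$1 file=$2 ports="111,2049"
    while IFS='=' read -r key val || [ -n "$key" ]; do
        case "$key" in
            RQUOTAD_PORT|MOUNTD_PORT|STATD_PORT) ;;
            LOCKD_TCPPORT) [ "$proto" = tcp ] || continue ;;
            LOCKD_UDPPORT) [ "$proto" = udp ] || continue ;;
            *) continue ;;  # e.g. STATD_OUTGOING_PORT is a source port, not a listener
        esac
        val=$(printf '%s' "$val" | tr -d '"')
        case "$val" in ''|*[!0-9]*) continue ;; esac  # skip non-numeric values
        ports="$ports,$val"
    done < "$file"
    printf '%s\n' "$ports"
}

# Emit one rule per protocol, restricted to the client network given in $1.
nfs_rules() {
    src=$1 file=$2
    for proto in tcp udp; do
        printf '%s\n' "-A RH-Firewall-1-INPUT -m state --state NEW -m $proto -m multiport -p $proto -s $src --dports $(nfs_ports "$proto" "$file") -j ACCEPT"
    done
}

# Constructed sample: the /etc/sysconfig/nfs values quoted in the thread.
sample_nfs_conf() {
    cat <<'EOF'
MOUNTD_NFS_V1="no"
MOUNTD_NFS_V2="no"
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
RPCNFSDCOUNT=64
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
SECURE_NFS="yes"
EOF
}

conf=$(mktemp)
sample_nfs_conf > "$conf"
nfs_rules 192.168.1.0/24 "$conf"
rm -f "$conf"
```

The same port lists apply to a firewall in front of the server; comparing them with `rpcinfo -p` output on the server shows whether each service actually registered on the port the firewall allows.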