<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#ffffff" text="#000000"> That's a bit of a challenge, because of the way NFS works. There's a RPC connection on (I believe TCP) port 111, the sunrpc port. Then, from there, the client and server can negotiate any UDP port above 2048 for NFS. Now, in practice that usually turns out to be UDP port 2049, but it does not have to be, and I've seen other UDP ports used. That's what makes NFS a challenge to firewall. It's also one reason (no encryption is another) why you should never run NFS on a network that you don't trust, i. e. across the Internet. It's like SMB/CIFS in this way. The real issue here isn't firewalling; it's sniffing. Most of us don't use either SELinux or the built-in firewall on the LTSP servers themselves. Any particular reason you need to do this? --TP <div class="moz-signature">_______________________________ Do you GNU!? <a href="http://www.gnu.org/">Microsoft Free since 2003</a>--the ultimate antivirus protection! </div> Mikko Jordman wrote: <blockquote cite="mid20070329113035.7007570gq24gwss0@webmail.edu.vantaa.fi" type="cite"> <pre wrap="">Hello everybody! I have now 4 old servers ready to serve our school. I'm trying to get nfs mount /home working. I had no success until I turned firewall and SELinux off. Could somebody tell me how should I configure those to have them on and nfs mounting working? Greets, Mikko from Finland _______________________________________________ K12OSN mailing list <a class="moz-txt-link-abbreviated" href="mailto:K12OSN@redhat.com">K12OSN@redhat.com</a> <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/k12osn">https://www.redhat.com/mailman/listinfo/k12osn</a> For more info see <a class="moz-txt-link-rfc2396E" href="http://www.k12os.org"><http://www.k12os.org></a> </pre> </blockquote> </body> </html>