Binding ports for NFS

redhatdude at bellsouth.net redhatdude at bellsouth.net
Fri Dec 16 07:49:53 UTC 2005


Thanks a lot Res,
Now I can't mount the share from MacOS X 10.4
I get a time out error. However, I can see everything running on the  
FC4 machine from the mac.
rpcinfo -p 192.168.1.102
    program vers proto   port
     100000    2   tcp    111  portmapper
     100000    2   udp    111  portmapper
     100024    1   udp  32972  status
     100024    1   tcp  32791  status
     100011    1   udp    861  rquotad
     100011    2   udp    861  rquotad
     100011    1   tcp    864  rquotad
     100011    2   tcp    864  rquotad
     100003    2   udp   2049  nfs
     100003    3   udp   2049  nfs
     100003    4   udp   2049  nfs
     100003    2   tcp   2049  nfs
     100003    3   tcp   2049  nfs
     100003    4   tcp   2049  nfs
     100021    1   udp  32987  nlockmgr
     100021    3   udp  32987  nlockmgr
     100021    4   udp  32987  nlockmgr
     100021    1   tcp  32820  nlockmgr
     100021    3   tcp  32820  nlockmgr
     100021    4   tcp  32820  nlockmgr
     100005    1   udp    874  mountd
     100005    1   tcp    877  mountd
     100005    2   udp    874  mountd
     100005    2   tcp    877  mountd
     100005    3   udp    874  mountd
     100005    3   tcp    877  mountd

What is the problem?
I can mount the same folder in my home folder in Fedora but not from  
the Mac.
This is the error on the mac
mount_nfs: bad MNT RPC: RPC: Timed out
Thanks,
EJ


On Dec 16, 2005, at 2:28 AM, Res wrote:

> Hi,
>
> On Thu, 15 Dec 2005, redhatdude at bellsouth.net wrote:
>
>> Let's see if I have more luck with this question and somebody  
>> answers it.
>> I'm trying to share a folder using NFS. The problem I'm having is  
>> with the ports some of the daemons use and the firewall. The ports  
>> for portmapper and nfsd remain the same all the time and I can  
>> open them in the firewall. However, daemons such as lockd and  
>> mountd change every time I load the nfs service. What I'd like to  
>> do is bind these daemos to a specific port that would remain open  
>> in the firewall. How can I accomplish that?
>
> You should know the IP of the server in question, allow that server  
> unrestricted access in your firewall, if its on your LAN, have the  
> router filter 2049 and 111 completely from the internet (tcp and udp)
>
> Also if your LAN is 192.168.0.0/24 in your /etc/hosts.allow:
>
> portmap: 192.168.0.1/255.255.255.0
> lockd: 192.168.0.1/255.255.255.0
> statd: 192.168.0.1/255.255.255.0
> mountd: 192.168.0.1/255.255.255.0
> rquotad: 192.168.0.1/255.255.255.0
>
> If you only want to put in single IP's put them in in this format:
> SERVICETYPE: 192.168.0.1 , 192.168.0.254
> note, yes thats -  I.P space comma space I.P
>
> and in /etc/hosts.deny:
>
> portmap: ALL
> lockd: ALL
> statd: ALL
> mountd: ALL
> rquotad: ALL
>
>
>
> -- 
> Cheers
> Res
>
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list




More information about the fedora-list mailing list