[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Mounting nfs file systems - iptables stop



Thanks Art,
Sounds good - but I think I should be able to allow traffic through
those ports user the 'other ports' field on the firewall customization
page - see
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/install-guide/s1-firewallconfig.html. Only trouble is, when I open mine (or run redhat-config-securitylevel), I don't see an 'other ports' field - is this an updated version of the firewall which I need to install? Thanks,

Andy

On Mon, 2007-01-15 at 01:23, Aterea Brown wrote:
> Hiya,
> 
> You would need to allow traffic between the to boxes on ports 111 (tcp
> and udp) and 2049 (tcp and udp).
> 
> You would use something like the following.
> On the nfs source server:
> iptables -A INPUT -p tcp --source [ip address of host mounting resource]
> --dport 111 -j ACCEPT
> iptables -A INPUT -p udp --source [ip address of host mounting resource]
> --dport 111 -j ACCEPT
> iptables -A INPUT -p tcp --source [ip address of host mounting resource]
> --dport 2049 -j ACCEPT
> iptables -A INPUT -p udp --source [ip address of host mounting resource]
> --dport 2049 -j ACCEPT
> 
> then you would need to dump the rules to the script file that gets
> loaded at boot time...
> iptables-save > /etc/sysconfig/iptables
> 
> You may want to actually check what rules currently exist and what the
> default policy of the INPUT chain is.
> You may have to insert the rules at a specified position rather then
> just appending to the chain.
> i.e. iptables -I INPUT 8 ... to insert a rule at position 8.
> 
> Try that and see if it helps.
> 
> regards
> -art
> 
> 
> >>> andy allen virgin net 13/01/07 11:05 AM >>>
> Managed to mount nfs file system on RedHat9 by using command
> '/etc/init.d/iptables stop' on both machines. It seems a bit tedious to
> have to do this every time - is there a way of doing it at boot-up
> without having to 'stop' iptables on the command line? 
> 
> Andy 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]