Mailing List Archive
tlug.jp Mailing List tlug archive tlug Mailing List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Firewall versus NFS
- Date: Wed, 18 Apr 2007 08:54:08 +0900
- From: Patrick Kellaher <firstname.lastname@example.org>
- Subject: Re: [tlug] Firewall versus NFS
- References: <email@example.com> <firstname.lastname@example.org>
- User-agent: Thunderbird 22.214.171.124 (X11/20070301)
Stephen J. Turnbull wrote:I believe this last point is probably true, esp with the portmapper involved. The portmapper listens on 111 and then tells the client what port to connect to for the service it is asking for. There really isn't a good way that I know of to firewall off a NFS server (most of my firewall experience is on the perimeter). However, a flex type rule might work. In the past I have used Arno's Firewall script, it might work for you http://rocky.eld.leidenuniv.nlDave M G writes:
> But it has become apparent that when my firewall is on, the server won't > allow me to connect.
It could be a syntax error, but the syntax you're using is very standard, and I would be surprised if Firestarter didn't accept it.
IIRC NFS can use either TCP ("reliable stream") or UDP ("message in a bottle") to connect. Have you opened both TCP and UDP for portmap (111) and nfs (2049)?
It's possible that the client is trying to connect to other ports for some reason. Or possibly you have some rules stopping outgoing packets. Set up a rule to log attempts to connect from *any* to *any* originating at the client machine (192.168.0.3, is that right?) and find out what it's doing.
- Re: [tlug] Firewall versus NFS
- From: Dave M G
Home | Main Index | Thread Index
- Prev by Date: RE: [tlug] OT:dual core CPUs
- Next by Date: [tlug] ACCESS 2007
- Previous by thread: [tlug] Firewall versus NFS
- Next by thread: Re: [tlug] Firewall versus NFS
Home Page Mailing List Linux and Japan TLUG Members Links