Hi!
mountd (rpc.mountd): normally uses a random port allocated by portmapper. It
is possible to configure a fixed port number by supplying the "-p" command
line option when the program is launched. This can be done by editing the
file /etc/sysconfig/network and adding the following line:
MOUNTD_PORT=4002
rpc.quotad should be at least version 3.08
In the file /etc/rpc, check that the following line is present:
rquotad 100011 rquotaprog quota rquota
It should be there, but if it isn't, then add it yourself. Then edit the file
/etc/services and add the following lines:
rquotad 4003/tcp
rquotad 4003/udp
Then iptables should be able to have something like these lines for NFS:
iptables -A INPUT -s ip.pc.client -d 0/0 -p tcp --dport 4000:4003 -j ACCEPT
iptables -A INPUT -s ip.pc.client -d 0/0 -p udp --dport 4000:4003 -j ACCEPT
:)
Missy Koos
Webmistress & Database Developer
Student Affairs & Services
Michigan State University
113 Student Services Building
East Lansing, MI 48824
517.355.9510 x138
On 5/13/05 4:24 PM, "Wheeler, Bill" wrote:
> Hi, all--
> I've been trying to set up an NFS server on a Linux box with iptables for
> packet filtering. I need to open the ports used by rpc.mountd and rpc.quota,
> but the portmapper assigns them different port numbers every time they start.
> I can't specify the service in the iptables rule, because iptables
> (apparently) doesn't recognize services that aren't in /etc/services, and
> mountd and quota aren't listed there. I tried altering the commands in
> /etc/init.d/nfs to start mountd and quotad with specified ports, but that was
> blithely ignored.
>
> Any advice would be welcome.
> Thanks!
> --Bill.
> Bill Wheeler, Systems Administrator
> Michigan State University Libraries
> (517) 432-6123 x 234
>
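A check for the setup discussed in this thread, as an added example that is not part of the original messages: it reads `rpcinfo -p` output and reports whether mountd and rquotad actually registered on the fixed ports (4002 and 4003 above), which is worth confirming before relying on the iptables rules. The function name and the sample output are constructed for illustration; 100005 is the standard RPC program number for mountd, and 100011 is the rquotad number from the /etc/rpc line above.

```shell
#!/bin/sh
# Added example. Reads `rpcinfo -p` output on stdin and checks that mountd and
# rquotad registered on the fixed ports the firewall rules expect.
# Matching is by RPC program number (100005 = mountd, 100011 = rquotad), so it
# still works when the service-name column is empty.
# Prints one line per problem; returns 0 only if every registration matches.
check_rpc_ports() {
    awk -v mountd_port="${1:-4002}" -v rquotad_port="${2:-4003}" '
        BEGIN {
            want[100005] = mountd_port;  name[100005] = "mountd"
            want[100011] = rquotad_port; name[100011] = "rquotad"
        }
        # Data rows: program vers proto port [service]
        $1 in want {
            seen[$1] = 1
            if ($4 != want[$1]) {
                printf "MISMATCH %s %s/%s (expected %s)\n", name[$1], $4, $3, want[$1]
                bad = 1
            }
        }
        END {
            for (p in want) if (!(p in seen)) {
                printf "MISSING %s (program %s not registered)\n", name[p], p
                bad = 1
            }
            exit bad + 0
        }'
}

# Constructed sample: both daemons honoured the fixed ports.
SAMPLE_FIXED='   program vers proto   port
    100000    2   tcp    111  portmapper
    100005    3   tcp   4002  mountd
    100005    3   udp   4002  mountd
    100011    2   tcp   4003
    100011    2   udp   4003'

# Constructed sample: the mountd port setting was ignored.
SAMPLE_RANDOM='   program vers proto   port
    100000    2   tcp    111  portmapper
    100005    3   tcp  32771  mountd
    100005    3   udp  32768  mountd
    100011    2   udp   4003  rquotad'

# On a live server: rpcinfo -p | check_rpc_ports 4002 4003
printf '%s\n' "$SAMPLE_FIXED" | check_rpc_ports && echo "fixed sample: OK"
printf '%s\n' "$SAMPLE_RANDOM" | check_rpc_ports || echo "random sample: ports not fixed"
```

A MISMATCH line means the daemon registered on a port outside what the rules allow, so clients would be dropped at the firewall even though the rules loaded cleanly.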