[linux] nfs + netfilter
Martin Mosny, PosTel, a.s.
mmosny na postel.sk
Pondělí Leden 28 18:57:21 CET 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
su ale nepomaha:((
On Mon, 28 Jan 2002, riki wrote:
> no dobre a co tak povolit pomocou iptables established a related
> connectiony?
>
> Martin Mosny, PosTel, a.s. wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > ahojte
> >
> > mam jeden dost velky problem. Chcem na pocitaci A rozchodit nfs server,
> > chcem aby pocitac B a C si mohli tieto shared directories mountnut.
> >
> > Ale na pocitaci A su nastavene netfilter pravidla, to nie je az take zle,
> > ale pri restarte nfs sluzby sa menia pouzivane porty.
> >
> > \\\\\\\ begin of snip \\\\\\\\\\\\
> > [root na A init.d]# rpcinfo -p A
> > program vers proto port
> > 100000 2 tcp 111 portmapper
> > 100000 2 udp 111 portmapper
> > 100011 1 udp 967 rquotad
> > 100011 2 udp 967 rquotad
> > 100011 1 tcp 970 rquotad
> > 100011 2 tcp 970 rquotad
> > 100005 1 udp 33117 mountd
> > 100005 1 tcp 41870 mountd
> > 100005 2 udp 33117 mountd
> > 100005 2 tcp 41870 mountd
> > 100005 3 udp 33117 mountd
> > 100005 3 tcp 41870 mountd
> > 100003 2 udp 2049 nfs
> > 100021 1 udp 33118 nlockmgr
> > 100021 3 udp 33118 nlockmgr
> >
> > [root na A init.d]# /etc/init.d/nfs stop
> > Shutting down NFS mountd: [ OK ]
> > Shutting down NFS daemon: [ OK ]
> > Shutting down NFS services: [ OK ]
> > Shutting down NFS quotas: [ OK ]
> >
> > [root na A init.d]# /etc/init.d/nfs start
> > Starting NFS services: [ OK ]
> > Starting NFS quotas: [ OK ]
> > Starting NFS mountd: [ OK ]
> > Starting NFS daemon: [ OK ]
> > [root na A init.d]# rpcinfo -p A
> > program vers proto port
> > 100000 2 tcp 111 portmapper
> > 100000 2 udp 111 portmapper
> > 100011 1 udp 630 rquotad
> > 100011 2 udp 630 rquotad
> > 100011 1 tcp 633 rquotad
> > 100011 2 tcp 633 rquotad
> > 100005 1 udp 33118 mountd
> > 100005 1 tcp 41871 mountd
> > 100005 2 udp 33118 mountd
> > 100005 2 tcp 41871 mountd
> > 100005 3 udp 33118 mountd
> > 100005 3 tcp 41871 mountd
> > 100003 2 udp 2049 nfs
> > 100021 1 udp 33119 nlockmgr
> > 100021 3 udp 33119 nlockmgr
> >
> > \\\\\\\\\\\\\\end of snip\\\\\\\\\\\\\\\\\\\
> >
> > preto tam nie je restart, lebo vznika klamny dojem, ze niektore porty
> > ostavaju.
> >
> > Odblokovanie portov 2049+111(tcp+udp), nie je postacujuce!!! Source porty
> > z pocitaca B a C sa menia!!!! takze ani to nie je spravna cesta.
> >
> > Skusal som aj take veci nfswatch a nfstrace, ale nejako nie su portovane
> > na linux (len ultrix a podobne).
> >
>
>
>
> _______________________________________________
> http://lists.linux.sk/listinfo/linux
> http://search.lists.linux.sk
>
IP network administrator
PosTel, a.s. Kvacalova 53,82108 Bratislava 2
Tel.: +421-2-50203160, Fax.: +421-2-50203198
http://www.postel.sk, http://www.globalphone.sk
GlobalPhone, As long as you want
- -------------------------------------------------------------------------------
Warning: I don't wish to receive spam to this address.
Varovanie: Nezelam si na tuto adresu dostavat akukolvek reklamnu postu.
- -------------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8VZEE1Nxm72GJflgRAlIZAKCSclQvqCCLKrJBewz7pSZeD4qgwACfQHUU
6QYrhD2EKosMcep5hFgkwRk=
=8Q55
-----END PGP SIGNATURE-----
Další informace o konferenci linux