Re: NFS setup problems
> Hi Folks,
>
> I have been trying to setup NFS on my system and run into problems. I have
> been reading the security part of NFS-HOWTO.
> however there a bunhc of lines of portmap status, nfs nlockmgr mountd hat
> are listed when rpcinfo -p is run.
> I have recompiled the kernel for NFSv3 support and I have nfs-common and
> nfs-kernel-server install. quota is also installed.
I don't understand. Your having problems, and yet rpcinfo -p shows the
correct info? If you have full NFS services running, and your system
is allowed access, running rpcinfo -p SHOULD show a bunch of stuff.
What mount command line are you using, and what is the message that you
see(if any) when you try to mount, and what does the log say on the
server?
I really do not trust the tcp_wrappers(hosts.allow/deny), I don't know
why, just paranoia maybe. I much prefer to firewall the ports entirely.
I run 2.2.19 and this is what I use:
PORTS="`rpcinfo -p | awk '{print $4}' | grep '[0-9]'`"
for rpcport in $PORTS
do
/sbin/ipchains -A input -s 0/0 -d 0/0 $rpcport -j REJECT -p tcp -i eth0
/sbin/ipchains -A input -s 0/0 -d 0/0 $rpcport -j REJECT -p udp -i eth0
done
then I have the ports blocked again on my exterior firewall.
but it sounds like rpcinfo is able to detect the services, so whats
the problem? Unless your running rpcinfo from a host which is not listed
in hosts.deny, in which case the format of your hosts.deny may be off
(service name misspelled or something). I think a firewall would be
more effective.
nate
Reply to: