Re: NFS and iptables during bootup
On Fri, Aug 8, 2014 at 11:47 AM, Martin T <m4rtntns@gmail.com> wrote:
>
> I moved the script from /etc/init.d to /etc/network directory and
> changed the shebang line from /bin/bash to /bin/sh. /bin/sh on my
> system points to /bin/dash. Thanks for those tips!
>
> Content of firewall rule-files can be seen here:
>
> # cat /etc/firewall.conf /etc/firewall6.conf
> # Generated by iptables-save v1.4.8 on Tue Jul 1 10:41:45 2014
> *filter
> :INPUT DROP [17:1605]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [259:30520]
> -A INPUT -s 10.10.10.0/24 -j ACCEPT
> -A INPUT -s 8.8.8.8/32 -j ACCEPT
> -A INPUT -s 8.8.4.4/32 -j ACCEPT
> COMMIT
> # Completed on Tue Jul 1 10:41:45 2014
> # Generated by ip6tables-save v1.4.8 on Tue Jul 1 10:41:56 2014
> *filter
> :INPUT DROP [10518:992304]
> :FORWARD DROP [0:0]
> :OUTPUT DROP [0:0]
> COMMIT
> # Completed on Tue Jul 1 10:41:56 2014
>
> If I comment out just the "iptables-restore .." line from
> firewall-script and leave the "ip6tables-restore .." line uncommented,
> the machine also boots without problems, i.e. it's the IPv4 iptables
> rules which seem to cause the statd to fail. I modified the IPv4
> rules(/etc/firewall.conf file) in a following manner:
>
> # cat /etc/firewall.conf
> # Generated by iptables-save v1.4.8 on Fri Aug 8 17:08:22 2014
> *filter
> :INPUT DROP [1:146]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [50:7006]
> -A INPUT -s 10.10.10.0/24 -i eth0 -j ACCEPT
> -A INPUT -s 8.8.8.8/32 -i eth0 -j ACCEPT
> -A INPUT -s 8.8.4.4/32 -i eth0 -j ACCEPT
> -A INPUT -i lo0 -j ACCEPT
> COMMIT
> # Completed on Fri Aug 8 17:08:22 2014
Your problem's probably that there's no lo0 (a BSD loopback device
name?). It's lo.
Reply to: