Personal tools
You are here: Home / Clients / Mathis / Work logs / July 2003 / Firewall and NFS

Firewall and NFS

When ellen boots, it attempts to mount the /home directory from zeck using NFS. The firewall was stopping NFS from working properly, even though the NFS port is open for the internal network. It turned out that another service, 'mountd', needed a hole punched for it.


Jul 15, 2003 11:00 PM

Jul 15, 2003 11:00 PM

* Identified that if the firewall was brought down, the mount could go ahead. * Found that there are actually three services running, 'nfsd', 'portmapper' and 'mountd'. When ellen asks to mount a directory, it first contacts the portmapper on port 111, getting a port to use for mountd. Then it contacts mountd which negotiates a mount through nfs. * Unfortunately, the portmapper and mountd need to be told to always use a well-known port, which I've set as 10037. This is done by adding the following line to '/etc/sysconfig/nfs':: MOUNTD_PORT=10037 * Added this port to the allowed *internal* ports on zeck's firewall. The other two ports, nfs and portmapper, were already allowed internally. * Reloaded the firewall and rebooted ellen, to check, and everything seems to be ok.



Document Actions