Re: nfs issue...

From: Pete Nesbitt (pete_at_linux1.ca)
Date: 07/02/04

    To: bedouglas@earthlink.net, General Red Hat Linux discussion list <redhat-list@redhat.com>
    Date: Fri, 2 Jul 2004 11:14:59 -0700
    
    

    On July 2, 2004 09:51 am, bruce wrote:
    > pete....
    >
    > arrgghhhh... something's going wrong again.......
    >
    > i rebooted the server.... and restarted nfs, and the required processes...
    >
    > without iptables running on the client/server.. i can connect from the
    > client to the server.
    >
    > when i enable iptables on the server, the client no longer connects... i
    > get:
    >
    > mount: RPC: Remote system error - Connection refused
    >
    > the iptables for the server is what we used last night...
    >
    > # Firewall configuration written by lokkit
    > # Manual customization of this file is not recommended.
    > # Note: ifup-post will punch the current nameservers through the
    > # firewall; such entries will *not* be listed here.
    > *filter
    >
    > :INPUT ACCEPT [0:0]
    > :FORWARD ACCEPT [0:0]
    > :OUTPUT ACCEPT [0:0]
    > :RH-Lokkit-0-50-INPUT - [0:0]
    >
    > -A INPUT -j RH-Lokkit-0-50-INPUT
    > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -p udp -m udp -s 0/0 --sport 67:68 -d 0/0 --dport 67:68 -i eth0 -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -p udp -m udp -s 0/0 --sport 67:68 -d 0/0 --dport 67:68 -i eth1 -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
    > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2049 --syn -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT
    > -A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2049 -j ACCEPT
    > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 6000:6009 --syn -j REJECT
    > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 7100 --syn -j REJECT
    > COMMIT
    >

    Bruce,
    Is iptables stopped on the client?
    Can you post the output of 'service iptables status' from the server?

    On the client, with iptables stopped, its "service iptables status" should be
    "Firewall is stopped."

    -- 
    Pete Nesbitt, rhce