From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JkRho-0003bx-Bl for garchives@archives.gentoo.org; Fri, 11 Apr 2008 22:26:48 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 79682E07C2; Fri, 11 Apr 2008 22:26:45 +0000 (UTC) Received: from thunderstruck.travellingkiwi.com (damned.travellingkiwi.com [81.6.239.220]) by pigeon.gentoo.org (Postfix) with ESMTP id 4F1A7E07C2 for ; Fri, 11 Apr 2008 22:26:45 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by thunderstruck.travellingkiwi.com (Postfix) with ESMTP id D14401466060 for ; Fri, 11 Apr 2008 22:26:48 +0000 (GMT) From: Hamie To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [OT] NFS through a firewall Date: Fri, 11 Apr 2008 22:26:44 +0000 User-Agent: KMail/1.9.7 References: In-Reply-To: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1321863.COoo0nNNqb"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200804112226.48511.hamish@travellingkiwi.com> X-Archives-Salt: de6c9ce8-0983-44da-9bd7-52c00131b55e X-Archives-Hash: 0ccbbe13b7364613852b19f0b825e0ec --nextPart1321863.COoo0nNNqb Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 11 April 2008 13:49:11 Roger Mason wrote: > Hello, > > I'm trying to configure the firewall on a client to allow that client > to mount an nfs directory. The client runs a netfilter firewall, the > server uses tcpwrapper. [deleted] > > If I drop the client firewall the mount succeeds. > > Can someone help me figure out what must be put in my iptables script > to get this to work? > Do you have the option to run nfsv4? It uses only port tcp-2049. That way y= ou=20 don't need portmapper (port 111), lockmgr, status, or mountd. Hamish. --nextPart1321863.COoo0nNNqb Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQBH/+Wm/3QXwQQkZYwRAn+0AJ47XgINHzhUdosqjnsi/I0Lnvc8FACfRh0L PKLPk/SW3zVsaYma/FjmGtc= =d6JF -----END PGP SIGNATURE----- --nextPart1321863.COoo0nNNqb-- -- gentoo-user@lists.gentoo.org mailing list