Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

NFS firewall configuration[solved]
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Adel Ahmed
Veteran
Veteran


Joined: 21 Sep 2012
Posts: 1606
PostPosted: Fri Oct 09, 2015 11:09 am    Post subject: NFS firewall configuration[solved] Reply with quote
I'm trying to configure my NFS server to use static ports

I have the following entry in /etc/conf.d/nfs:
OPTS_RPC_MOUNTD="-p 32767"

but:
pc ~ # rpcinfo -p | grep udp.*mountd
100005 1 udp 33268 mountd
100005 2 udp 37470 mountd
100005 3 udp 47579 mountd


thanks

Last edited by Adel Ahmed on Sat Oct 10, 2015 9:26 pm; edited 1 time in total
Back to top
View user's profile Send private message
Keruskerfuerst
Advocate
Advocate


Joined: 01 Feb 2006
Posts: 2289
Location: near Augsburg, Germany
PostPosted: Sat Oct 10, 2015 12:54 pm    Post subject: Reply with quote
It is uncommon to setup a firewall for NFS.
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3494
PostPosted: Sat Oct 10, 2015 5:37 pm    Post subject: Reply with quote
Close enough. It seems this is what you're looking for:
Quote:
RPCMOUNTDOPTS="-p 32767"

https://wiki.debian.org/SecuringNFS
Back to top
View user's profile Send private message
Adel Ahmed
Veteran
Veteran


Joined: 21 Sep 2012
Posts: 1606
PostPosted: Sat Oct 10, 2015 9:21 pm    Post subject: Reply with quote
nope that did not work
I did notice in the systemd script:
ExecStart=/usr/sbin/rpc.mountd $RPCMOUNTDOPTS

EnvironmentFile=/etc/conf.d/nfs

so I changed that to:
ExecStart=/usr/sbin/rpc.mountd $OPTS_RPC_MOUNTD


worked like a charm
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3494
PostPosted: Sun Oct 11, 2015 8:40 am    Post subject: Reply with quote
Quite funny. They should either both work or both fail.
After expanding variables you get exactly the same command line. If one worked and the other didn't, you had to either make some typo or define the variable in wrong place.
Back to top
View user's profile Send private message
Adel Ahmed
Veteran
Veteran


Joined: 21 Sep 2012
Posts: 1606
PostPosted: Tue Oct 13, 2015 9:38 am    Post subject: Reply with quote
I don't remember exactly, but I probably had copied that service script of some website, I probably just copide and didn't check
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy