| View previous topic :: View next topic |
| Author |
Message |
thebigslide
l33t
Joined: 23 Dec 2004
Posts: 792
Location: under a car or on top of a keyboard
|
 Posted: Fri Jan 28, 2005 6:14 pm Post subject: RPC-portmapper + iptables headache - solved |
 |
|
I am trying to get portmapper running on a box that is thoroughly firewalled and I was wondering if anyone know of a connection tracking patch or some other way of allowing this besides opening up a whole dump of UDP ports...
Last edited by thebigslide on Sun Jan 30, 2005 3:54 pm; edited 1 time in total |
|
| Back to top |
|
 |
yaneurabeya
Veteran
Joined: 13 May 2004
Posts: 1754
Location: Seattle
|
| Posted: Sun Jan 30, 2005 8:38 am Post subject: |
|
|
| Maybe you should try IPmasqueing? Do you need full server support or just the ability to make outbound connections? |
|
| Back to top |
|
|
thebigslide
l33t
Joined: 23 Dec 2004
Posts: 792
Location: under a car or on top of a keyboard
|
| Posted: Sun Jan 30, 2005 2:09 pm Post subject: |
|
|
I am using IP masquerading right now, but that's for something else. I'm not trying to forward ports, I'm trying to run an NFS server on the LAN side of from the firewall 
I should have put this in the original question, sorry.
The portmapper service picks a seemingly random port for NFS to use for each connection it makes. I don't know the range it picks from but it's HUGE. I want to know if iptables has a way of determining which port NFS is going to use by the payload of the portmapper (port 111) transaction, like it does for FTP.
Also, is there an easier way of doing what I'm trying to do (they cannot afford another server). |
|
| Back to top |
|
|
thebigslide
l33t
Joined: 23 Dec 2004
Posts: 792
Location: under a car or on top of a keyboard
|
| Posted: Sun Jan 30, 2005 3:54 pm Post subject: |
|
|
| I found [url="http://www.lowth.com/LinWiz/nfs_help.html"]this[/url] page which explained how to resolve the issue. |
|
| Back to top |
|
|
|
Networking & Security
