| View previous topic :: View next topic |
| Author |
Message |
hujuice
Guru
Joined: 16 Oct 2007
Posts: 346
Location: Nicosia, Cyprus
|
 Posted: Sun Jul 24, 2011 10:47 pm Post subject: [SOLVED] nfs/nlockmgr ports |
 |
|
I'm unable to drive the rpc ports of a NFSv3 installation, managed with net-fs/nfs-utils-1.2.3-r1.
I need it because I need an iptables filter.
| Code: | # rpcinfo -p
programma vers proto porta
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32765 status
100024 1 tcp 32765 status
100005 1 udp 32767 mountd
100005 1 tcp 32767 mountd
100005 2 udp 32767 mountd
100005 2 tcp 32767 mountd
100005 3 udp 32767 mountd
100005 3 tcp 32767 mountd
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100021 1 udp 46220 nlockmgr
100021 3 udp 46220 nlockmgr
100021 4 udp 46220 nlockmgr
100021 1 tcp 48833 nlockmgr
100021 3 tcp 48833 nlockmgr
100021 4 tcp 48833 nlockmgr |
The lockmgr ports appear to be randomly chosen, while an iptables filter needs a known port.
Who drives the nlockmgr ports? How to configure them to have a know value?
Could someone suggest something to me? 
Regards,
HUJuice
_________________
Who hasn't a spine, should have a method.
Chi non ha carattere, deve pur avere un metodo.
Last edited by hujuice on Mon Jul 25, 2011 10:46 am; edited 1 time in total |
|
| Back to top |
|
 |
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23093
|
| Posted: Mon Jul 25, 2011 2:59 am Post subject: |
|
|
| Set /proc/sys/fs/nfs/nlm_tcpport to the desired port number. |
|
| Back to top |
|
|
hujuice
Guru
Joined: 16 Oct 2007
Posts: 346
Location: Nicosia, Cyprus
|
| Posted: Mon Jul 25, 2011 8:24 am Post subject: |
|
|
| Hu wrote: | | Set /proc/sys/fs/nfs/nlm_tcpport to the desired port number. |
Thank you Hu. You're right but it is not resolved.
Until some week ago (before a nfs-utils upgrade?) I managed this value (and the corresponding nlm_udpport) via /etc/sysctl.conf.
Now I obtain the following:
| From rc.log: | * Configuring kernel parameters ...
* Unknown keys: error: "fs.nfs.nlm_tcpport" is an unknown key
error: "fs.nfs.nlm_udpport" is an unknown key |
And the values, in fact, are not set.
Manually setting the proc values and restarting nfs works fine.
nfsd, lockd and so on are built as modules. Should I set some module option?
Hujuice
_________________
Who hasn't a spine, should have a method.
Chi non ha carattere, deve pur avere un metodo. |
|
| Back to top |
|
|
hujuice
Guru
Joined: 16 Oct 2007
Posts: 346
Location: Nicosia, Cyprus
|
| Posted: Mon Jul 25, 2011 10:45 am Post subject: |
|
|
| hujuice wrote: | | Should I set some module option? |
The way to anchor lockd to a known port is:
| /etc/conf.d/modules: | modules_2_6="${modules_2_6} lockd"
module_lockd_args="nlm_udpport=4001 nlm_tcpport=4001" |
with your preferred port number.
Solved.
HUJuice
_________________
Who hasn't a spine, should have a method.
Chi non ha carattere, deve pur avere un metodo. |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23093
|
| Posted: Tue Jul 26, 2011 2:19 am Post subject: |
|
|
| Those sysctl values exist only when the corresponding code is available. Since you did not include NFS in the main kernel binary, the sysctl is not available when the system initializes. If you intend to have NFS always available, it would be simpler to build it in than to have a permanently loaded module. |
|
| Back to top |
|
|
hujuice
Guru
Joined: 16 Oct 2007
Posts: 346
Location: Nicosia, Cyprus
|
| Posted: Tue Jul 26, 2011 5:24 am Post subject: |
|
|
That makes sense.
My problem, anyway, was generated by some changes (in baselayout? in nfs-utils? in the kernel?).
I'm completely sure that the modular NFS solution and the sysctl.conf management worked until a handful of weeks ago.
Also, I just updated the gentoo-wiki.com related page, that simply suggested the sysctl.conf way.
Regards,
HUJuice
_________________
Who hasn't a spine, should have a method.
Chi non ha carattere, deve pur avere un metodo. |
|
| Back to top |
|
|
|
Kernel & Hardware
