Hello List,
When my LAMP server first fires up it runs a firewall script, but doesn't seem to be applying the rules that allow NFS connections. If I then rerun the script manually, the NFS connections work again.
My script has the following sections (other stuff, hopefully not relevant, has been snipped).
<-- Start Firewall script -->
# Get the ports for NFS mountd
NFSPORTS_ARRAY=`rpcinfo -p | awk '/mountd/ {print $4}' | sort | uniq`
for PORT_NUM in $NFSPORTS_ARRAY
do
if [ ! $NFSPORTS ]
then
NFSPORTS=$PORT_NUM
else
NFSPORTS="${NFSPORTS},${PORT_NUM}"
fi
done
# then some rules that define different chains (internal, external etc)
# followed by
label=internal
# Allow NFS connections from internal boxes
$iptables --append $label --match multiport --proto tcp --dport 111,$NFSPORTS --jump ACCEPT
$iptables --append $label --match multiport --proto udp --dport 111,2049,$NFSPORTS --jump ACCEPT
<-- End firewall script -->
After the box is first booted, it rejects attempts to mount the NFS exports with (from the client side):
$ mount: RPC: Remote system error - Connection refused
The firewall is started from my interfaces file thus:
< -- Start Interfaces file -->
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.254
up /etc/network/firewall || true
< -- End Interfaces file -->
After the box is booted, if I ssh into it and then rerun the firewall script, it then accepts NFS connections.
Any idea why it won't accept them without me manually rerunning the firewall script?
Cheers,
David
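
An added example, not part of the original post: a guard for the case where `rpcinfo -p` lists no mountd ports when the script runs (assumed here to happen if mountd has not yet registered with the portmapper when the `up` hook fires), so the rules are not built from an empty port list while `|| true` in the interfaces file hides the script's exit status. The function names `mountd_ports` and `wait_for_mountd_ports` and the sample rpcinfo output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `rpcinfo -p` output (not taken from the poster's machine).
SAMPLE='   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100005    1   udp    892  mountd
    100005    1   tcp    892  mountd
    100005    3   udp  32771  mountd'

# Read `rpcinfo -p` output on stdin and print the unique mountd ports as a
# comma-separated list. Returns 1 and prints nothing if mountd is not listed,
# so the caller never builds a multiport rule from an empty list.
mountd_ports() {
    ports=$(awk '$5 == "mountd" {print $4}' | sort -un | paste -sd, -)
    [ -n "$ports" ] || return 1
    printf '%s\n' "$ports"
}

# Poll rpcinfo once per second until mountd is registered or the given
# number of attempts (default 10) is used up.
wait_for_mountd_ports() {
    tries=${1:-10}
    while [ "$tries" -gt 0 ]; do
        if ports=$(rpcinfo -p 2>/dev/null | mountd_ports); then
            printf '%s\n' "$ports"
            return 0
        fi
        tries=$((tries - 1))
        sleep 1
    done
    return 1
}

# Sketch of use inside the firewall script (hypothetical wiring):
#   NFSPORTS=$(wait_for_mountd_ports 30) || {
#       echo "firewall: mountd not registered, NFS rules skipped" >&2
#       exit 1
#   }
# Dropping `|| true` from the `up` line lets that non-zero exit be reported.

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE" | mountd_ports
```
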