On Wed, Sep 16, 2015 at 9:25 AM, Steve Dickson <[email protected]> wrote: > > > > On 09/15/2015 03:15 PM, Soumya Koduri wrote: > > > > > > On 09/15/2015 12:00 AM, Malahal Naineni wrote: > >> Steve Dickson [[email protected]] wrote: > >>> Hello, > >>> > >>> On 09/14/2015 09:11 AM, Soumya Koduri wrote: > >>>> Hi, > >>>> > >>>> In the latest Linux distributions (Fedora), ports 2049 (nfs) and 20048 > >>>> (mountd) are configured to be opened by default by firewalld service. > >>>> > >>>> Files: '/usr/lib/firewalld/services/nfs.xml' & > >>>> '/usr/lib/firewalld/services/mountd.xml'. > >>> Hmm... I didn't know about this... We should probably > >>> set the -p 20048 by default via /etc/sysconfig/nfs file or maybe the > >>> systemd script? > >> > >> I believe, mountd already uses /etc/services file by default. So > >> specifying it in /etc/services would be good. I think RHEL7 has one for > >> mountd. This is specific to NFSv3 anyway... > >> > > > > From '/etc/services' & [1], looks like port# '20048' has been registered to > > be used by mountd service. Does it help if we have ports registered for > > other services too then? Or is it better to keep them dynamic and leave it > > to admin to choose & edit '/etc/sysconfig/nfs' file as required. > > > > [1] http://www.iana.org/assignments/port-numbers > > > > I'm thinking its better to leave it up to the admins... >
If that is the case, is there any way to tie the ports assigned to /etc/sysconfig/nfs etc to a set of firewall rules that open those ports for incoming traffic? Having to adjust 2 sets of configurations every time you want to assign a new port is a potential source of errors. Trond ------------------------------------------------------------------------------ Monitor Your Dynamic Infrastructure at Any Scale With Datadog! Get real-time metrics from all of your servers, apps and tools in one place. SourceForge users - Click here to start your Free Trial of Datadog now! http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140 _______________________________________________ Nfs-ganesha-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
