[Sanewall-users] NFS glitch with sanewall firewall

Michael Mol Mon, 30 Dec 2013 12:45:38 -0800

So, centralized syslog, here's everything in context:

/var/log/messages-Dec 29 11:34:06 NFSClient kernel: nfs: server
NFSServer not responding, still trying
/var/log/messages:Dec 29 11:34:35 NFSServer kernel: OUT-nfsguest:IN=
OUT=brvlnfsguest SRC=[NFS server IP] DST=[NFS client IP] LEN=52
TOS=0x00 PREC=0x00 TTL=64 ID=17960 DF PROTO=TCP SPT=2049 DPT=741
WINDOW=423 RES=0x00 ACK RST URGP=0
/var/log/messages-Dec 29 11:34:07 NFSClient kernel: nfs: server NFSServer OK



And here are the relevant portions of the firewall configuration.
What's going on here:

common_nfs() {
        server ICMP accept
        server ms_ds accept
        server nfs accept
        server samba accept
        server sunrpc accept

        # NFS
        server custom nfstcp1 tcp/2049 any accept

        # iSCSI
        server custom iscsi tcp/3260 any accept

        server custom nfsudp udp/10002:10005 any accept
        server custom nfstcp2 tcp/10002:10005 any accept
        client all accept
}

interface brvlnfsguest nfsguest
        policy drop
        common_nfs

interface brvlnfshost nfshost
        policy drop
        common_nfs

-- 
:wq
_______________________________________________
Sanewall-users mailing list
[email protected]
http://lists.sanewall.org/mailman/listinfo/sanewall-users

[Sanewall-users] NFS glitch with sanewall firewall

Reply via email to