Hi
I'm getting an interesting message in my firewall logs on my NFS server.
The NFS server 10.0.0.1 is blocking these packets outgoing
DENY IN= OUT=eth0 SRC=10.0.0.1 DST=10.0.0.100 LEN=1236 TOS=0x00 PREC=0x00 TTL=64 ID=34527 DF PROTO=TCP SPT=2049 DPT=910 WINDOW=2003 RES=0x00 ACK PSH URGP=0
Why?
The NFS client 10.0.0.100 is still able to access and read from the NFS
shares.
The client is running Ubuntu Gutsy and the server Ubuntu Feisty.
On the server:
rpcinfo -p
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32765  status
    100024    1   tcp  32765  status
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100021    1   udp  32768  nlockmgr
    100021    3   udp  32768  nlockmgr
    100021    4   udp  32768  nlockmgr
    100021    1   tcp  32768  nlockmgr
    100021    3   tcp  32768  nlockmgr
    100021    4   tcp  32768  nlockmgr
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100005    1   udp  32767  mountd
    100005    1   tcp  32767  mountd
    100005    2   udp  32767  mountd
    100005    2   tcp  32767  mountd
    100005    3   udp  32767  mountd
    100005    3   tcp  32767  mountd
The ports are all set so they will not change when I restart NFS, and I can
be very strict with my iptables rules created with fwbuilder.
--
Steve