It isn't part of the standard Trustix distro, but have you tried using Shorewall (http://www.shorewall.net) for your IPtables configuration? I'm not certain that it will solve this particular problem, but it has made my life much easier when having to deal with IPtables rules. With Shorewall, in the rules file, you could create a rule allowing NFS access from a specific range of IP addresses to a specific range of ports. Yes, this can be done by hand with iptables directly, but the Shorewall config files make it so much easier, I can't imagine going back to doing it by hand. Here is a link to a post on the Shorewall list that explains the whole process for allowing NFS through Shorewall. (http://sourceforge.net/mailarchive/forum.php?thread_id=8972145&forum_id=2270)
Hope this helps. Sincerely, Kurt Kincaid Email: perl -e "($_='tjgvlvsuAzbipp/dpn')=~s/(.)/chr(ord($1)-1)/ge;print" -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (MingW32) - WinPT 0.10.1 Comment: GnuPT 2.7.2 mQGiBEMUfsARBADwwnyENR20vxR1V8ouwdHkQhmu6Fb4PJPSnp1tVzE3z9BhyXBR +nH3+RSnwW66PQOK90YutpGSCq456WW2WbCKeBmZTqM8ROxneU5T+fEnJ8F3jfdh oD9c07L/dljcC/S7WdcDyvBqy9i+ffbXCmgfIiZfahL+qstFTSkBnA0VJwCg12nZ VqUoBVKhXH0ehMF9rZpc8zMD/Ak+mWDopbTnB0G8qNrACVe9ECOm5WiETTPtMFFw ero6kyMX374W+Mw3uT56wZWZPE39LJlIkH6XMW3WeuWrQhZApU0QAEC+X8Q6i8Lg u4JcuW1+V2tqQZBcAzp7v3VcJ0sKF8+KY85mss9uzET9XMUp/vBjGSSB1GIauuti MRDtA/9xkdFuGLLy5VGORU4TUMNKva+/EsT7AuZwc3yNXIcpoZDK1uNvPN/GaXqO dX+Uf8YkSk5ZX1k+TzWl93LHZlsjsLB3oMrPBEfnIs4UKQ6yf5LN+QBrgAkp3yPC s1aELFxR23TPUgwCrifpePNQpfAm2cmfawkiXQPT6+v8aNpmEbQhS3VydCBLaW5j YWlkIDxzaWZ1a3VydEB5YWhvby5jb20+iF0EExECAB0FAkMUfsAGCwkIBwMCBBUC CAMEFgIDAQIeAQIXgAAKCRBIb7Q8cdJc2th/AKCj6rOShGSdnn8MXXE7xT0sYL8s owCff+NGLVeyI3rkL6Qgc9mWEHuoZGy5Ag0EQxR+zxAIALbw2Ipr84j0W0s6kPWi Mmog094qI55vVB0CNDb46cGev4QVjQN9/f1xngX2gh9k1NPGyxD/mScOuxFYsAd9 ocPaVdUqlSOtZKU8nJpBXuvvJWzE6OdMvGrhEOFUKkVtO/CW4q7qeFuvqQh9cEmm bwacvafH6fNft9ZiH02o064LBT6TunPT5V4rPucD3Vo650a2hCtXOa9ic9hZLpAx yuSSyHO1h12VHjiuwIi2lLhiF+kSZJ1wq82b3WzOAb7N8Hnn5NdarfZ2nSP+Yx4P n74mp7IBo6dRKrCrmUTAxgv9kTaq6jTpz9nSai/ePCul3/OJjPN5ODEamQMAGPde AaMAAwUIAKVFldENU/JW1gHzqtO1SOPgBEKGe1C/+j6ys8K4qAV9lgwyCogU7QIU 7404z80xEk++Yh5zwN8OQilVfZJKNN/8Rng66Am4/F9YA1OEFCBUe/vEpjuXvlik 7JRg38PdEg0X0b7To3xWn2KzhaXDsc5h9ENYROXAOmYFSwnrOvtdh+uxRiXn0DwG 44rt7kKtH2s6gBymgAnZ+UprUyiMu+ZKi3QlB3zIMgRdrF4xiNyFyk/uUIp9eQ1O Pdqvnwq+V6+43qmxKTqvuurhhnDoGP4yq2euvKu5ymD/7IDTTtaNZzE0pVTkjaOv Iq5kJTTcgh+mftIMzHxHCao5i5RGRMeIRgQYEQIABgUCQxR+zwAKCRBIb7Q8cdJc 2litAJ9JqVjZWUrRTze1JLrlqzsU73db0QCeN8SJnzOwFFjSFc2eea4ZXTGl0q0= =rlzl -----END PGP PUBLIC KEY BLOCK----- --- lore <[EMAIL PROTECTED]> wrote: > Alle 16:05, mercoledì 29 marzo 2006, Morten Nilsen ha scritto: > > lore wrote: > > > hi all, > > > i've just configured a nfs service on a TSL2.2-2.4.32-1tr server ( with > > > iptables ;-) ), but when i restart the server or the nfs service, the > > > ports of rpc.mount change, and the client can't mount the partition. how > > > can i set the iptables roules for it? or what can i do/read/study/know to > > > solve this problem? > > > > I would simply add a rule allowing all connections from the hosts that > > will do NFS > > thanks for your help, i've tried to insert some ports in /etc/services and > seems that works well without change ports. > i'm sorry for my stupid question. > > lore > > -- > Pino Maiuli Crew > > > -- > Email.it, the professional e-mail, gratis per te: http://www.email.it/f > > Sponsor: > Se stai pensando di cambiare o acquistare la tua auto, la soluzione è > richiedere un Credito > Auto Findomestic, facile e senza anticipi > * > Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?midI68&d)-3 > _______________________________________________ > tsl-discuss mailing list > [email protected] > http://lists.trustix.org/mailman/listinfo/tsl-discuss > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
