Ubuntu: configure iptables to allow NFS traffic


If you are using just TCP with NFS4, ports 111 and 2049 will do. If you are planning to have NFS3 and below for compatibility reasons, you need to open ports for the following:

RQUOTA
LOCKD
MOUNTD
STATD

However, you will need to explicitly set static ports for those daemons, otherwise they will use random ports by default, which will cause issues for NFSv2/3 clients. Here is a link for specifying the ports on Ubuntu:

https://wiki.ubuntu.com/How%20to%20get%20NFS%20working%20with%20Ubuntu-CE-Firewall

(For some reason, it is harder to do on Ubuntu than on Red Hat, as most of the links I found are for Red Hat. If I find something better, I'll post an update.)

EDIT: Here is a better one - this is from Debian, which Ubuntu is based on:

http://wiki.debian.org/SecuringNFS

Also, in that article, go to this link:

http://www.tldp.org/HOWTO/NFS-HOWTO/security.html
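An added example, not part of the original answer: once the four daemons are pinned, this sketch prints the matching iptables rules and checks `rpcinfo -p` output against the pinned ports. Ports 32765 to 32769, the client network 192.168.1.0/24 and the function names `nfs_rules` and `check_rpc_ports` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Ports 111 and 2049 come from the answer; the other four are
# assumed values. Pin the daemons to the same numbers first (rpc.statd --port,
# rpc.mountd --port, rpc.rquotad -p, lockd nlm_tcpport/nlm_udpport).
PORTMAP=111; NFS=2049
STATD=32765; MOUNTD=32767; LOCKD=32768; RQUOTAD=32769   # assumed

# Print iptables rules admitting one client network to the pinned ports.
nfs_rules() {
    src=$1
    for port in $PORTMAP $NFS $STATD $MOUNTD $LOCKD $RQUOTAD; do
        for proto in tcp udp; do
            echo "iptables -A INPUT -s $src -p $proto --dport $port -j ACCEPT"
        done
    done
}

# Read `rpcinfo -p` output on stdin and report every service that is not on
# its pinned port (such a service would still be blocked). Returns 1 if any.
check_rpc_ports() {
    awk -v pm="$PORTMAP" -v nf="$NFS" -v st="$STATD" -v mo="$MOUNTD" \
        -v lo="$LOCKD" -v rq="$RQUOTAD" '
        BEGIN { want["portmapper"] = pm; want["nfs"] = nf; want["status"] = st
                want["mountd"] = mo; want["nlockmgr"] = lo; want["rquotad"] = rq }
        NR > 1 && ($5 in want) && $4 != want[$5] {
            printf "%s/%s on %s, expected %s\n", $5, $3, $4, want[$5]; bad = 1 }
        END { exit bad + 0 }'
}

# Constructed sample of `rpcinfo -p` output where mountd is still unpinned.
check_rpc_ports <<'EOF' || echo "fix the daemons above before loading rules"
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100003    3   tcp   2049  nfs
    100005    3   udp  45123  mountd
    100021    4   tcp  32768  nlockmgr
EOF
nfs_rules 192.168.1.0/24   # constructed client network
```

On a live server, feed the check real data with `rpcinfo -p | check_rpc_ports` after restarting the NFS services.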


Author: jsharpe

Updated on September 18, 2022

Comments

  • jsharpe
    jsharpe over 1 year

    Possible Duplicate:
    Running NFS with iptables, change firewall?

    I need to allow a client to connect to an NFS server. If I disable iptables then NFS works great.

    I understand that when NFS starts it'll fire up RPCNFSDCOUNT (/etc/default/nfs-kernel-server) processes that all are running on a different port.

    How do I specify what ports those are so that they always fire up on the same port?

    Presumably I need to open up 111 for UDP and TCP traffic. What about the NFS ports? 2049? UDP/TCP? The other ports?

    Ubuntu-specific answers would be appreciated.

  • jsharpe
    jsharpe over 12 years
    I would use NFS4, but I'm on the latest Ubuntu server and $ nfsstat is showing v3.
  • Rilindo
    Rilindo over 12 years
    Then you definitely need to explicitly set ports for the above daemons.