Linux NFS Installation: Difference between revisions
Line 17: | Line 17: | ||
On some system we also need to install "nfs-utils-lib". | On some system we also need to install "nfs-utils-lib". | ||
==Setup Security== | |||
===iptables=== | |||
Normally, a specific list of ports should be provided to iptables. <font color=red>I tried the following, but it did not work</font>: | |||
<pre> | |||
... | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 111 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 111 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 2049 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 32803 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 32769 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 892 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 892 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 875 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 875 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 662 -j ACCEPT | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 662 -j ACCEPT | |||
-A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT | |||
... | |||
</pre> | |||
then | |||
<pre> | |||
service iptables restart | |||
</pre> | |||
I ended up allowing everything from 192.168.0.0/255.255.0.0 for the duration of using the NFS. | |||
<pre> | |||
... | |||
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -j ACCEPT | |||
... | |||
</pre> | |||
===Amazon EC2=== | |||
=Client Installation= | =Client Installation= |
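Review bot: the fallback rule `-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -j ACCEPT` in the new iptables section opens every port and protocol to the whole 192.168.0.0/255.255.0.0 range, and the text says it is meant only "for the duration of using the NFS" without recording how or when it is removed. Add the removal step, or narrow `-s` to the NFS client addresses. The per-port list is marked as not working but the reason is not recorded, it allows 2049 over tcp only, and it carries an `-A SSH` rule that is unrelated to NFS. The new `===Amazon EC2===` heading is added with no content under it.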
Revision as of 06:15, 21 August 2016
Internal
Relevance
- Updated for Amazon EC2
Server Installation
Install Packages
<pre>
sudo su -
yum install rpcbind nfs-utils
</pre>
On some systems we also need to install "nfs-utils-lib".
Setup Security
iptables
Normally, a specific list of ports should be provided to iptables. I tried the following, but it did not work:
<pre>
...
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 32803 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 32769 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 662 -j ACCEPT
-A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT
...
</pre>
then
<pre>
service iptables restart
</pre>
I ended up allowing everything from 192.168.0.0/255.255.0.0 for the duration of using the NFS.
<pre>
...
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -j ACCEPT
...
</pre>
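One way to check a port list like the one above before falling back to an allow-all rule, as an added example that is not part of the original page: compare what the server registers with the portmapper (`rpcinfo -p`) against the `--dport` ACCEPT rules. The function name, the `/etc/sysconfig/iptables` path in the usage comment and the sample `rpcinfo -p` output are assumptions constructed for illustration.

```shell
#!/bin/sh
# List RPC services registered on a proto/port that no
# "-p <proto> --dport <port> -j ACCEPT" rule in the given file covers.
# On a server: rpcinfo -p | uncovered_rpc_ports /etc/sysconfig/iptables
uncovered_rpc_ports() {
    rules_file=$1
    # An empty rules file would make awk read stdin as the rules.
    [ -s "$rules_file" ] || { echo "no rules in $rules_file" >&2; return 2; }
    awk '
        NR == FNR {                      # first input: iptables rules
            proto = ""; port = ""; accept = 0
            for (i = 1; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport") port = $(i + 1)
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            }
            if (accept && proto != "" && port != "") allowed[proto "/" port] = 1
            next
        }
        $1 ~ /^[0-9]+$/ {                # stdin: rpcinfo -p data rows
            key = $3 "/" $4
            if (!(key in allowed) && !(key in seen)) { seen[key] = 1; print key, $5 }
        }
    ' "$rules_file" -
}

# Demo: the port list from the page against constructed rpcinfo -p output.
demo() {
    rules=$(mktemp)
    for pp in udp/111 tcp/111 tcp/2049 tcp/32803 udp/32769 tcp/892 udp/892 \
              tcp/875 udp/875 tcp/662 udp/662; do
        echo "-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p ${pp%/*} --dport ${pp#*/} -j ACCEPT"
    done > "$rules"
    uncovered_rpc_ports "$rules" <<'EOF'
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100003    3   udp   2049  nfs
    100005    3   tcp  48713  mountd
    100021    4   tcp  32803  nlockmgr
    100024    1   udp  51342  status
EOF
    rm -f "$rules"
}

demo
```

Each line of output is a service a client cannot reach through the listed rules. The check matches single-port `--dport` rules only and ignores the `-s` source restriction.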