[Shorewall-newbies] Shorewall and NFS?
lxaphir at yahoo.com
Tue Jan 6 04:34:17 PST 2004
On Sun, 2004-01-04 at 10:29, Tom Eastep wrote:
> On Sunday 04 January 2004 07:26 am, Tom Eastep wrote:
> > On Sunday 04 January 2004 05:49 am, Ronald J. Hall wrote:
> > > So I googled, found the Shorewall install guide and faqs, searched the
> > > Mandrake archives, and posted a query to the newbie and expert list. A
> > > couple of people have been trying to help there.
> > Stupid suggestion --
> > a) Go to the Shorewall home page.
> > b) At the top, you will see a "Search" form.
> > c) Enter NFS in the form and click "Search"
> > The second hit is quite relevant.
> > If the set of rules that you find there don't work (and of course you
> > should be looking at the Shorewall log to see what traffic is still getting
> > blocked), then I suggest opening ALL UDP traffic from the client systems to
> > the server in addition to TCP port 111.
> Oh -- and you should heed the warning on the Shorewall home page regarding
> Mandrake's "Internet Connection Sharing"; Mandrake apparently doesn't want
> you to be able to use my documentation directly so they have decided:
> a) To call the local zone 'masq'; and
> b) To leave an empty zone called 'loc' so that any rules that you add for
> 'loc' will not produce errors but will simply be ignored.
Wow, just saw this. Thanks for the information!
However, if that is true, would not the following rule NOT work?
DNAT net loc:192.168.0.18 udp 5121 - -
I still need to check out the full range of documentation concerning
this, but I did make some changes to the policy file before the above
loc net ACCEPT
More information about the Shorewall-newbies