[Shorewall-users] allowing RPC calls

Joe Van Andel vanandel@ucar.edu
Mon, 08 Apr 2002 21:53:04 -0600


I'm seeing RPC traffic rejected.
/var/log/messages shows:

Apr  8 21:44:36 ops-zebra kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:10:5a:75:b0:07:08:00:20:90:07:05:08:00 SRC=128.117.78.15 DST=128.117.78.67 LEN=56 TOS=0x00 PREC=0x00 TTL=255 ID=45672 DF PROTO=UDP SPT=111 DPT=39164 LEN=36

where 128.117.78.67 is my firewall machine.  I'm trying to allow RPC 
traffic, since rules contains:
ACCEPT          net       $FW           tcp     portmapper
ACCEPT          net       $FW           udp     portmapper
ACCEPT          $FW       net           tcp     portmapper
ACCEPT          $FW       net           udp     portmapper

/etc/shorewall/firewall status shows
Chain net2fw (1 references)
  pkts bytes target     prot opt in     out     source               destination
     5   640 ACCEPT     udp  ---  *      *       0.0.0.0/0            0.0.0.0/0          state NEW udp dpt:111

Chain fw2net (1 references)
  pkts bytes target     prot opt in     out     source               destination
     0     0 ACCEPT     udp  ---  *      *       0.0.0.0/0            0.0.0.0/0          state NEW udp dpt:111

Is it possible to configure shorewall to allow RPC traffic?  (I searched 
the site and mail archives, and didn't come up with any advice.)

-- 
Joe VanAndel  	
National Center for Atmospheric Research
http://www.atd.ucar.edu/~vanandel/
Internet: vanandel@ucar.edu
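
Added example, not part of the original message: a small Python parser that splits the logged packet into its fields and compares it with the single net2fw ACCEPT rule visible in the status output (udp, dpt:111). The rule representation and the function names are this example's own assumptions, not Shorewall formats or tools.

```python
import re

# Log line copied from the post, with the mail wrapping removed.
LOG_LINE = (
    "Apr  8 21:44:36 ops-zebra kernel: Shorewall:net2all:DROP:IN=eth0 OUT= "
    "MAC=00:10:5a:75:b0:07:08:00:20:90:07:05:08:00 SRC=128.117.78.15 "
    "DST=128.117.78.67 LEN=56 TOS=0x00 PREC=0x00 TTL=255 ID=45672 DF "
    "PROTO=UDP SPT=111 DPT=39164 LEN=36"
)

# The one ACCEPT rule shown in net2fw: udp, state NEW, dpt:111.
# This dict layout is the example's own, not a Shorewall format.
NET2FW_ACCEPT = [{"proto": "udp", "dpt": 111}]

PREFIX_RE = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<action>[^:]+):")


def parse_log(line):
    """Return chain, action and the KEY=VALUE fields of a Shorewall log line."""
    m = PREFIX_RE.search(line)
    if m is None:
        raise ValueError("no Shorewall log prefix found")
    pkt = {"chain": m["chain"], "action": m["action"]}
    for token in line[m.end():].split():
        key, sep, value = token.partition("=")
        # LEN occurs twice (IP, then UDP); setdefault keeps the first one.
        pkt.setdefault(key, value if sep else True)  # bare flags such as DF
    return pkt


def matching_rules(pkt, rules):
    """Rules whose protocol and destination port both match the packet."""
    return [r for r in rules
            if r["proto"] == pkt["PROTO"].lower() and r["dpt"] == int(pkt["DPT"])]


def explain(pkt, rules):
    """One-line summary of the packet and whether a listed rule covers it."""
    hits = matching_rules(pkt, rules)
    verdict = "matches" if hits else "matches none of"
    return (f"{pkt['PROTO']} {pkt['SRC']}:{pkt['SPT']} -> {pkt['DST']}:{pkt['DPT']} "
            f"{verdict} the listed ACCEPT rules; logged by {pkt['chain']} as {pkt['action']}")


if __name__ == "__main__":
    print(explain(parse_log(LOG_LINE), NET2FW_ACCEPT))
```

The logged packet has source port 111 and destination port 39164, so a rule keyed on destination port 111 does not cover it.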