[Shorewall-users] which ports for NFS shares
Wed, 23 Jan 2002 07:18:11 -0800
On Wednesday 23 January 2002 07:10 am, Goetz Reinicke wrote:
> I'd like to mount some NFS shares on an "shorewalled" system. Are there
> special ports I have to open besides nfs 111 ?
Actually, 111 is portmap. And therein lies the problem in that=20
portmap-assigned ports are completely dynamic. There was a portmap=20
connection-tracking module in the iptables "patch-o-matic" at one time; I=
tried to use it but gave up after a couple of hours.
The bottom line is that I don't have a good solution for you other than t=
a) establish a tunnel between the NFS client and server and use NFS throu=
the tunnel; or
b) open all non-priv UDP traffic (ports 1024: ) from NFS client to server=
Tom Eastep \ A Firewall for Linux 2.4.*
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ email@example.com