添加 /etc/sysconfig/nfs文件
MOUNTD_PORT="892"
#STATD_PORT=""
#LOCKD_TCPPORT=""
#LOCKD_UDPPORT=""
/etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -p tcp -s 172.18.3.135 -m multiport --dport 111,892,2049 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -s 172.18.3.135 -m multiport --dport 111,892,2049 -j ACCEPT
27.1.23. /etc/sysconfig/nfs
NFS requires the portmap, which dynamically assigns ports for RPC services. This causes problems for configuring firewall rules. To overcome this problem, use the /etc/sysconfig/nfs file to control which ports the required RPC services run on.
The /etc/sysconfig/nfs may not exist by default on all systems. If it does not exist, create it and add the following variables (alternatively, if the file exists, un-comment and change the default entries as required):
MOUNTD_PORT="x"
control which TCP and UDP port mountd (rpc.mountd) uses. Replace x with an unused port number.
STATD_PORT="x"
control which TCP and UDP port status (rpc.statd) uses. Replace x with an unused port number.
LOCKD_TCPPORT="x"
control which TCP port nlockmgr (rpc.lockd) uses. Replace x with an unused port number.
LOCKD_UDPPORT="x"
control which UDP port nlockmgr (rpc.lockd) uses. Replace x with an unused port number.
If NFS fails to start, check /var/log/messages. Normally, NFS will fail to start if you specify a port number that is already in use. After editing /etc/sysconfig/nfs restart the NFS service by running the service nfs restart command. Run the rpcinfo -p command to confirm the changes.
To configure a firewall to allow NFS:
Allow TCP and UDP port 2049 for NFS.
Allow TCP and UDP port 111 (portmap/sunrpc).
Allow the TCP and UDP port specified with MOUNTD_PORT="x"
Allow the TCP and UDP port specified with STATD_PORT="x"
Allow the TCP port specified with LOCKD_TCPPORT="x"
Allow the UDP port specified with LOCKD_UDPPORT="x"
阅读(1171) | 评论(0) | 转发(0) |
