Post 302297375 by humbletech99 on Friday 13th of March 2009 07:31:26 AM
Iptables for NFS Servers, random ports?

This may seem like a silly question, but how do you iptable firewall an NFS Server tightly? I tend to use Samba much more heavily which is easy, the ports are clearly defined... but on NFS it is relying on portmapper (yuck).... so the ports may change... Is it possible to fix the NFS Server ports, and if so, do you still have to keep portmapper open? (I guess so) Or is there some clever iptables rule or module that will allow NFS to work without opening lots of high port numbers..? EDIT: OK solved it, fixing the ports is definitely the way to go...

Last edited by humbletech99; 03-13-2009 at 09:35 AM..
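
What "fixing the ports" looks like in practice, as an added example that is not part of the original post: the script audits `rpcinfo -p` output for RPC services still on dynamic ports and prints iptables rules for the pinned ports only. The port numbers, the client subnet and the sample `rpcinfo` output are assumptions constructed for illustration; portmapper (111) stays open because NFSv3 clients still query it to locate mountd, statd and lockd.

```shell
#!/bin/sh
# Assumed site choices (not from the post): one fixed port per RPC service.
PINNED="portmapper:111 nfs:2049 mountd:892 status:662 nlockmgr:32803 rquotad:875"
CLIENT_NET="192.0.2.0/24"   # assumed client subnet (documentation range)

# Constructed sample of `rpcinfo -p` output: statd ("status") is not pinned yet.
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100003    3   udp   2049  nfs
    100005    3   tcp    892  mountd
    100005    3   udp    892  mountd
    100021    4   tcp  32803  nlockmgr
    100021    4   udp  32803  nlockmgr
    100024    1   tcp  45121  status
    100024    1   udp  38467  status
EOF
}

# Read `rpcinfo -p` text on stdin; print "service/proto port" for every
# registration that is unknown or not on its pinned port.
unpinned() {
  awk -v pinned="$PINNED" '
    BEGIN { n = split(pinned, e, " ")
            for (i = 1; i <= n; i++) { split(e[i], kv, ":"); want[kv[1]] = kv[2] } }
    $1 ~ /^[0-9]+$/ && NF >= 5 && want[$5] != $4 { print $5 "/" $3, $4 }'
}

# Print (not apply) ACCEPT rules for the pinned ports only; anything else
# falls through to the chain policy or a final DROP/REJECT rule.
emit_rules() {
  for entry in $PINNED; do
    port=${entry#*:}
    for proto in tcp udp; do
      echo "iptables -A INPUT -s $CLIENT_NET -p $proto --dport $port -m state --state NEW -j ACCEPT"
    done
  done
}

# On a real server: rpcinfo -p | unpinned
sample_rpcinfo | unpinned
emit_rules
```

On Red Hat style systems the pinning itself is done with variables such as `MOUNTD_PORT` and `STATD_PORT` in `/etc/sysconfig/nfs`; other distributions use different files.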
 

nfsd(1M)

NAME
nfsd - NFS daemon

SYNOPSIS
#_conn] listen_backlog] protocol] device] [nservers]

DESCRIPTION
is the daemon that handles client file system requests. Only users with sufficient privileges can run this daemon.

The daemon is automatically invoked if and in the file.

By default, starts over the TCP and UDP transports for version 2 and version 3, and over TCP for version 4, if NFS version 4 is enabled. One can change this with the option.

A previously invoked daemon started with or without options must be stopped before invoking another command.

Administrators wanting to change startup parameters for should make changes (as root user) to the NFS default file (see nfs(4)). Administrators can either edit this file or use the command to make changes.

Options
The following options are supported:

Start a NFS daemon over all available connectionless and connection-oriented transports, including UDP and TCP. Equivalent to setting the parameter to in the NFS default file.

This sets the maximum number of connections allowed to the NFS server over connection-oriented transports. By default, the number of connections is unlimited. Equivalent to the parameter in the NFS default file.

Set connection queue length for the NFS TCP over a connection-oriented transport. The default value is 32 entries. Equivalent to the parameter in the NFS default file.

Start a NFS daemon over the specified protocol. Equivalent to the parameter in the NFS default file.

Start a NFS daemon for the transport specified by the given device. Equivalent to the parameter in the NFS default file.

Operands
The following operands are supported:

This sets the maximum number of concurrent NFS requests that the server can handle. This concurrency is achieved by up to nservers threads created as needed in the kernel. nservers should be based on the load expected on this server. 16 is the usual number of nservers. If nservers is not specified, the maximum number of concurrent NFS requests will default to 1. Changing the value of nservers requires stopping and restarting Equivalent to the parameter in the NFS default file.

Notes
A directory service that provides service name data base support must have the following service entries in its database:

If the kernel tunable (see nfs_portmon(5)) is set to 1, then clients are required to use privileged ports (ports < IPPORT_RESERVED) to receive NFS services. This tunable is set to 0 by default. Use (see kctune(1M)) to set this tunable.

By default, the NFS version 4 server is disabled. In order to enable it you must stop the NFS server. As root, either use the command (see setoncenv(1M)) or edit to set the parameter to 4.

EXIT STATUS
Daemon started successfully.
Daemon failed to start.

WARNINGS
Manually starting and restarting is not recommended. If it is necessary to do so, use the NFS server start/stop script

FILES
client machine pointer to an open-but-unlinked file.
shell script for starting
startup parameters for
directories used by the server to manage client state information; these directories should not be removed.

AUTHOR
was developed by Sun Microsystems, Inc.

SEE ALSO
kctune(1M), mountd(1M), setoncenv(1M), getservent(3N), nfs(4), nsswitch.conf(4), services(4), sharetab(4), nfs_portmon(5).