| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0005864 | CentOS-6 | system-config-firewall | public | 2012-07-28 19:40 | 2012-07-28 19:40 | ||||||
| Reporter | ivan.georgiev89 | ||||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||||
| Status | new | Resolution | open | ||||||||
| Platform | OS | OS Version | |||||||||
| Product Version | 6.3 | ||||||||||
| Target Version | Fixed in Version | ||||||||||
| Summary | 0005864: system-config-firewall-tui does not open all ports required for NFS | ||||||||||
Description:

Hello,

According to RH Documentation, in order to use NFS behind a firewall, UDP port 111 has to be open:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s2-nfs-nfs-firewall-config.html

I installed system-config-firewall-tui and put a mark on NFSv4, so that this service would be available. The results:

```
[root@manager ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
```

-> no port 111
-> clients are not able to mount NFS exports
-> stopping iptables or adding a rule for udp:111 resolves the problem.

This report may be valid for system-config-firewall - please check.

BR,
Ivan Georgiev
| Tags | No tags attached. | ||||||||||
| Attached Files | |||||||||||
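A check for the gap described in the report, as an added example that is not part of the original issue or of system-config-firewall: it parses a rules file in the `/etc/sysconfig/iptables` format and lists required ports that no reachable ACCEPT rule covers. The names `accepted_ports`, `missing_ports`, `REQUIRED` and the abbreviated `SAMPLE_RULES` input are assumptions made for this illustration.

```python
import shlex

# Constructed sample, abbreviated from the rules file quoted in the report.
SAMPLE_RULES = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

# Assumption: ports to verify. udp/111 is the port the report names;
# tcp/2049 is the one the tool did open for NFSv4.
REQUIRED = {("udp", 111), ("tcp", 2049)}


def accepted_ports(rules_text, chain="INPUT"):
    """Return {(proto, port)} accepted in `chain` ahead of the first
    catch-all REJECT/DROP. Rules are first-match, so an ACCEPT placed
    after the catch-all never takes effect. Negated matches are skipped;
    source/interface matches and multiport are not evaluated."""
    opened = set()
    for line in rules_text.splitlines():
        tok = shlex.split(line, comments=True)
        if len(tok) < 4 or tok[:2] != ["-A", chain] or "!" in tok:
            continue
        # Map each option to the token that follows it (last one wins).
        opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                if tok[i].startswith("-")}
        target = opts.get("-j")
        if target in ("REJECT", "DROP") and set(opts) <= {"-j", "--reject-with"}:
            break  # everything below this rule is unreachable for new traffic
        if target == "ACCEPT" and opts.get("-p") in ("tcp", "udp") and "--dport" in opts:
            lo, _, hi = opts["--dport"].partition(":")  # single port or lo:hi
            for port in range(int(lo), int(hi or lo) + 1):
                opened.add((opts["-p"], port))
    return opened


def missing_ports(rules_text, required=REQUIRED):
    """Required (proto, port) pairs that no reachable ACCEPT rule covers."""
    return sorted(required - accepted_ports(rules_text))


if __name__ == "__main__":
    for proto, port in missing_ports(SAMPLE_RULES):
        print(f"not opened: {proto}/{port}")
```

A rule appended below the final `-A INPUT -j REJECT` line is still reported as missing, because the catch-all matches first.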
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2012-07-28 19:40 | ivan.georgiev89 | New Issue | |