除了 NFS 常用的 port number 是 111 及 2049,其它亂數產生的 port number 希望將它固定一個範圍
在 /etc/sysconfig/nfs 可以動這些參數
RQUOTAD_PORT=9001
LOCKD_TCPPORT=9002
LOCKD_UDPPORT=9002
MOUNTD_PORT=9003
STATD_PORT=9004
STATD_OUTGOING_PORT=9005
那iptables的設定是
iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 111 -j ACCEPT
iptables -A INPUT -m state –state NEW -m udp -p udp –dport 111 -j ACCEPTiptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 2049 -j ACCEPT
iptables -A INPUT -m state –state NEW -m udp -p udp –dport 2049 -j ACCEPTiptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 9001 -j ACCEPT
iptables -A INPUT -m state –state NEW -m udp -p udp –dport 9001 -j ACCEPTiptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 9002 -j ACCEPT
iptables -A INPUT -m state –state NEW -m udp -p udp –dport 9002 -j ACCEPTiptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 9003 -j ACCEPT
iptables -A INPUT -m state –state NEW -m udp -p udp –dport 9003 -j ACCEPTiptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 9004 -j ACCEPT
iptables -A INPUT -m state –state NEW -m udp -p udp –dport 9004 -j ACCEPTiptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 9005 -j ACCEPT
iptables -A INPUT -m state –state NEW -m udp -p udp –dport 9005 -j ACCEPT
留言