标签:NFS设置防火墙
查看所有的端口:
[root@xxx ~]# rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 57891 status
100024 1 tcp 57533 status
100021 1 udp 51455 nlockmgr
100021 3 udp 51455 nlockmgr
100021 4 udp 51455 nlockmgr
100021 1 tcp 43056 nlockmgr
100021 3 tcp 43056 nlockmgr
100021 4 tcp 43056 nlockmgr
100005 1 udp 37363 mountd
100005 1 tcp 40833 mountd
100005 2 udp 48919 mountd
100005 2 tcp 50961 mountd
100005 3 udp 37358 mountd
100005 3 tcp 53308 mountd
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 2 tcp 2049 nfs_acl
100227 3 tcp 2049 nfs_acl
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 2 udp 2049 nfs_acl
100227 3 udp 2049 nfs_acl
LOCKD_TCPPORT=43056
LOCKD_UDPPORT=51455
MOUNTD_PORT=53308
service nfs restart
iptables -I INPUT -i eth2 -p tcp -s 192.168.101.15 --dport 2049 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -I INPUT -i eth2 -p udp -s 192.168.101.15 --dport 2049 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -I INPUT -i eth2 -p tcp -s 192.168.101.15 --dport 53308 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -I INPUT -i eth2 -p udp -s 192.168.101.15 --dport 53308 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -I INPUT -i eth2 -p tcp -s 192.168.101.15 --dport 43056 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -I INPUT -i eth2 -p udp -s 192.168.101.15 --dport 43056 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -I INPUT -i eth2 -p tcp -s 192.168.101.15 --dport 51455 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -I INPUT -i eth2 -p udp -s 192.168.101.15 --dport 51455 -m state --state NEW,ESTABLISHED -j ACCEPT
service iptables save
标签:NFS设置防火墙
原文地址:http://blog.51cto.com/victor2016/2107360
