From owner-freebsd-questions  Sun Jul 22 19:35:43 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from copland.udel.edu (copland.udel.edu [128.175.13.92])
	by hub.freebsd.org (Postfix) with ESMTP id 5537437B401
	for <freebsd-questions@freebsd.org>; Sun, 22 Jul 2001 19:35:40 -0700 (PDT)
	(envelope-from elliot@UDel.Edu)
Received: from copland.udel.edu (copland.udel.edu [128.175.13.92])
	by copland.udel.edu (8.9.3/8.9.3) with ESMTP id WAA20123
	for <freebsd-questions@freebsd.org>; Sun, 22 Jul 2001 22:35:39 -0400 (EDT)
Date: Sun, 22 Jul 2001 22:35:39 -0400 (EDT)
From: "Elliot L. Tobin" <elliot@UDel.Edu>
To: <freebsd-questions@freebsd.org>
Subject: NFS and ipfw (fwd)
Message-ID: <Pine.SOL.4.31.0107222234030.19645-100000@copland.udel.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I just setup NFS and created some rules to protect it, using ipfw.  All
the boxes, temporarily, are both servers and clients.


box1 and box2 are having no problems talking to each other.  Each can
mount the other's shares.  However, box1 and box3 are having problems.
When box1 tries mounting a share on box3, syslog on box1 reads "NFS
Portmap: RPC: Port mapper failure - RPC: Unable to send".

The firewall on box3 allows tcp/udp on port 2049 and 111, from box1.  The
firewall on box1 has teh exact same setup for box2 and box3, so I'm not
sure the problem.

The syslog on box1 now spits of "/kernel nfsd send error 13" all the time,
because box3 is trying to mount what box1 is offering.

These are my rules on box1 ..

        ${fwcmd} add pass tcp from ${box2} to ${ip} 2049
        ${fwcmd} add pass udp from ${box2} to ${ip} 2049
        ${fwcmd} add pass tcp from ${box3}     to ${ip} 2049
        ${fwcmd} add pass udp from ${box3}     to ${ip} 2049

        ${fwcmd} add pass tcp from ${box2} to ${ip} 111
        ${fwcmd} add pass udp from ${box2} to ${ip} 111
        ${fwcmd} add pass tcp from ${box3}     to ${ip} 111
        ${fwcmd} add pass udp from ${box3}     to ${ip} 111

Firewall on box3 is:

ACCEPT	tcp .. ip_of_box1  ip_of_box3  * -> 2049
ACCEPT	udp .. ip_of_box1  ip_of_box3  * -> 2049

Any help is greatly appreciated..

If anyone can help me make it such I can mount from box1 <-> box3, I'd
greatly appreciate it.

box1 and box2 are FreeBSD 4.3-STABLE, box3 is Linux 2.2.18

TIA..  And please respond directly in addition to the list,

EllioT



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message