firewalld and NFS

Support for security such as Firewalls and securing linux
Post Reply
chrisdornan
Posts: 8
Joined: 2013/10/05 17:55:56

firewalld and NFS

Post by chrisdornan » 2014/08/10 12:59:08

I have been trying to configure the CEntOS 7 firewall with no success.

I can export a file system, but not when the firewall is enabled. I started by enabling the rpc-bind and nfs services with firewall-config (both running and permanent configurations) with no success.

The upstream documentation https://access.redhat.com/documentation ... all-config looks suspiciously unchanged from the previous release and does not appear to line up the the /etc/sysconfig/nfs file. Nevertheless I added the mountd and statd port bindings in the nfs configuration files and extended the ports associated with the NFS service in firewall-config and rebooted the system -- still no luck.

(It would be nice to get an aggregated list of the current inbound ports that are unblocked on the firewall -- or even on a zone -- does anybody know how to do this?)

I have given up for now and just disabled the firewall -- which I can work with, but it would be nice to know how to put NFS behind a C7 firewall.

bertan
Posts: 55
Joined: 2014/01/12 23:43:19
Location: Canada

Re: firewalld and NFS

Post by bertan » 2014/08/10 13:40:22

It works okay for me with firewall enabled. See the section "Open firewall" on http://members.shaw.ca/bertan/set-up-nf ... tos-7.html

chrisdornan
Posts: 8
Joined: 2013/10/05 17:55:56

Re: firewalld and NFS

Post by chrisdornan » 2014/08/10 15:00:02

Thanks @bertan, your notes were clear -- I was missing the "mountd" service in the firewall-config.

Now it is working for me too -- with mounts working across the firewall.

Post Reply

Return to “CentOS 7 - Security Support”