- 论坛徽章:
- 0
|
我的NFS服务器是192.168.0.196 客户端的是192.168.0.180 .为什么我开了防火墙就挂载不上了呀,
服务器的配置如下,
[root@yangyong ~]# vi /etc/sysconfig/nfs
MOUNTD_PORT=4002
STATD_PORT=4003
LOCKD_TCPPORT=4004
LOCKD_UDPPORT=4004
root@yangyong ~]# iptables -nvxL
Chain INPUT (policy DROP 6351 packets, 570759 bytes)
pkts bytes target prot opt in out source destination
1517 109260 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT udp -- * * 192.168.0.180 0.0.0.0/0 udp dpt:111
0 0 ACCEPT udp -- * * 192.168.0.180 0.0.0.0/0 udp dpt:2049
2 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049
67 4052 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
12 832 ACCEPT tcp -- * * 192.168.0.180 0.0.0.0/0 tcp dpt:4002
0 0 ACCEPT tcp -- * * 192.168.0.180 0.0.0.0/0 tcp dpt:4003
0 0 ACCEPT tcp -- * * 192.168.0.180 0.0.0.0/0 tcp dpt:4004
2 168 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 5
627 566152 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy DROP 815 packets, 58919 bytes)
pkts bytes target prot opt in out source destination
1199 173440 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:22
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.0.180 udp spt:111
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.0.180 udp spt:2049
2 80 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:8080
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:3306
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:20
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:2049
47 5952 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:111
12 876 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:4002
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:4003
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:4004
2 168 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 100
627 565704 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
[root@yangyong ~]# rpcinfo -p
绋嬪簭 鐗堟湰 鍗忚? 绔?彛
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 4003 status
100024 1 tcp 4003 status
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100021 1 udp 4004 nlockmgr
100021 3 udp 4004 nlockmgr
100021 4 udp 4004 nlockmgr
100021 1 tcp 4004 nlockmgr
100021 3 tcp 4004 nlockmgr
100021 4 tcp 4004 nlockmgr
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100005 1 udp 4002 mountd
100005 1 tcp 4002 mountd
100005 2 udp 4002 mountd
100005 2 tcp 4002 mountd
100005 3 udp 4002 mountd
100005 3 tcp 4002 mountd
我的客户端配置如下,
~
[root@tspy root]# vi /etc/sysconfig/nfs
MOUNTD_PORT=4002
STATD_PORT=4003
LOCKD_TCPPORT=4004
LOCKD_TCPPORT=4004
[root@tspy root]# iptables -nvxL
Chain INPUT (policy DROP 3 packets, 371 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 192.168.0.196 0.0.0.0/0 udp dpt:111
0 0 ACCEPT udp -- * * 192.168.0.196 0.0.0.0/0 udp dpt:2049
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
36 2428 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22222
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
8 340 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2401
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 192.168.0.196 0.0.0.0/0 tcp dpt:2049
0 0 ACCEPT tcp -- * * 192.168.0.196 0.0.0.0/0 tcp dpt:111
0 0 ACCEPT tcp -- * * 192.168.0.196 0.0.0.0/0 tcp dpt:4002
0 0 ACCEPT tcp -- * * 192.168.0.196 0.0.0.0/0 tcp dpt:4003
0 0 ACCEPT tcp -- * * 192.168.0.196 0.0.0.0/0 tcp dpt:4004
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 5
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.0.196 udp spt:2049
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.0.196 udp spt:111
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:20
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:21
27 2088 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:22222
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:8080
4 204 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:3306
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:2401
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.196 tcp spt:2049
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.196 tcp spt:111
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.196 tcp spt:4002
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.196 tcp spt:4003
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.196 tcp spt:4004
0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 5
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
[root@tspy root]# rpcinfo -p
程序 版本 协议 端口
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 4003 status
100024 1 tcp 4003 status
391002 2 tcp 32768 sgi_fam
100011 1 udp 1019 rquotad
100011 2 udp 1019 rquotad
100011 1 tcp 1022 rquotad
100011 2 tcp 1022 rquotad
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100021 1 udp 32768 nlockmgr
100021 3 udp 32768 nlockmgr
100021 4 udp 32768 nlockmgr
100021 1 tcp 32769 nlockmgr
100021 3 tcp 32769 nlockmgr
100021 4 tcp 32769 nlockmgr
100005 1 udp 4002 mountd
100005 1 tcp 4002 mountd
100005 2 udp 4002 mountd
100005 2 tcp 4002 mountd
100005 3 udp 4002 mountd
100005 3 tcp 4002 mountd
我两边都开IPTABLES的话就挂载不上呀, |
|