Jza, posted June 16, 2006

Mandriva Control Center GUI for Firewall management doesn't include NFS, which I use to network my boxes. But I don't know which ports to open so I could build my LAN but with security enhanced. Could anyone tell me the command line sentence to open the necessary ports for NFS and ZeroConf through ShoreWall?

aioshin, posted June 16, 2006

Related ports to NFS:

    tcp  0  0  0.0.0.0:843  0.0.0.0:*  LISTEN  1509/rpc.statd
    tcp  0  0  0.0.0.0:655  0.0.0.0:*  LISTEN  1747/rpc.rquotad
    tcp  0  0  0.0.0.0:111  0.0.0.0:*  LISTEN  1490/portmap
    tcp  0  0  0.0.0.0:671  0.0.0.0:*  LISTEN  1774/rpc.mountd
    udp  0  0  0.0.0.0:652  0.0.0.0:*          1747/rpc.rquotad
    udp  0  0  0.0.0.0:668  0.0.0.0:*          1774/rpc.mountd
    udp  0  0  0.0.0.0:837  0.0.0.0:*          1509/rpc.statd
    udp  0  0  0.0.0.0:840  0.0.0.0:*          1509/rpc.statd
    udp  0  0  0.0.0.0:111  0.0.0.0:*          1490/portmap

But sorry not to answer the main question, I don't have shorewall on my box anymore, but if you can edit the shorewall config file manually, then just add those listed ports above to be accessible from LAN.

Edited June 16, 2006 by aioshin

fissy, posted June 16, 2006

You need to add lines to the bottom of /etc/shorewall/rules:

    ACCEPT net fw tcp 843,655,111,671
    ACCEPT net fw udp 652,668,837,840,111

This is the format from my file, where I'm "ACCEPT"ing connections from the "net" zone (defined as my external interface) to the fw (firewall - i.e. the computer shorewall is on). The information on protocols and ports is from aioshin's post.

If you're only allowing access to LAN computers, you'll want to find out what zones your computer has. It's quite likely Mandrake will have named it "net", even though in your case "lan" would be more appropriate.

-fissy

Jza, posted June 16, 2006

Great, thanks, I will do that. Which files can I check the zones from this 'net' and line?

fissy, posted June 17, 2006

/etc/shorewall/interfaces should tell you the name of the 'zone' which has been assigned to your network interface.
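
The procedure the thread arrives at, as an added example that is not from any of the posters: look up the zone assigned to the LAN interface in the interfaces file, then build the ACCEPT lines for that zone from the netstat listing. The interface name eth0, the zone name loc, the sample interfaces file and the function names zone_of and rules_for are assumptions made for illustration; the netstat lines are the ones posted above.

```shell
# Listener lines as posted in the thread (netstat output).
SAMPLE_NETSTAT='tcp 0 0 0.0.0.0:843 0.0.0.0:* LISTEN 1509/rpc.statd
tcp 0 0 0.0.0.0:655 0.0.0.0:* LISTEN 1747/rpc.rquotad
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1490/portmap
tcp 0 0 0.0.0.0:671 0.0.0.0:* LISTEN 1774/rpc.mountd
udp 0 0 0.0.0.0:652 0.0.0.0:* 1747/rpc.rquotad
udp 0 0 0.0.0.0:668 0.0.0.0:* 1774/rpc.mountd
udp 0 0 0.0.0.0:837 0.0.0.0:* 1509/rpc.statd
udp 0 0 0.0.0.0:840 0.0.0.0:* 1509/rpc.statd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1490/portmap'

# Constructed sample of /etc/shorewall/interfaces (zone, interface, ...).
SAMPLE_INTERFACES='# ZONE INTERFACE BROADCAST OPTIONS
net ppp0 detect
loc eth0 detect'

# zone_of IFACE: read an interfaces file on stdin and print the zone
# assigned to IFACE; exit non-zero if the interface is not listed.
zone_of() {
    awk -v ifc="$1" '
        /^[ \t]*#/ || NF == 0 { next }
        $2 == ifc { print $1; found = 1; exit }
        END { exit !found }'
}

# rules_for ZONE: read netstat lines on stdin and print one ACCEPT rule
# per protocol covering the portmap and rpc.* listeners, ports ascending.
# The kernel nfsd socket (normally port 2049) shows no program name in
# netstat, so it is absent from the thread's listing and from this output.
rules_for() {
    awk '
        $NF ~ /\/(portmap|rpc\.[a-z]+)$/ {
            n = split($4, a, ":")      # field 4 is the local address
            ports[$1] = ports[$1] " " a[n]
        }
        END { for (p in ports) print p, ports[p] }' |
    sort | while read -r proto list; do
        csv=$(printf '%s\n' $list | sort -nu | paste -sd, -)
        printf 'ACCEPT %s fw %s %s\n' "$1" "$proto" "$csv"
    done
}

# Usage on the sample data: resolve the zone first, then emit the rules.
zone=$(printf '%s\n' "$SAMPLE_INTERFACES" | zone_of eth0) &&
    printf '%s\n' "$SAMPLE_NETSTAT" | rules_for "$zone"
```

The statd, mountd and rquotad ports are handed out by portmap and can change when the services restart, so regenerate the rules from a fresh listing unless those ports are pinned in the NFS configuration.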