On Tuesday, 12 June 2018 09:26:03 BST Simon Becherer wrote:
Hi,
i changed my tumbleweed from susefirewall2 to firewalld
problem now:
nfs works when i use midnight commander to browse or copy files. nfs did NOT work if i like to open a file on a nfs directory with libreoffice. libreoffice completely stops response. when i stop firewwalld it starts to react again.
so i guess some "magic" port must additionally opened (what was before automatically opened in susefirewall2)
================ my setup: i have serveral tumbleweed (and older opensuse) systems, using nfs as host and client to be able to go from every computer to every other (all only ipv4 systems, ipv6 disabled, static addresses). was working fine with tumbleweed and susefirewall2
in yast2 firewalld assigned to my network bridge and adapter "home" and opened/set up for for "home":
mdns (no idea what it is for, it was open) 5353 udp
mountd (without this nfs not working) 20048 tcp 20048 udp nfs3 (without this nfs not working) 2049 tcp 2049 udp rpc-bind (without this nfs not working) 111 tcp 111 udp
samba (beause i later on need also a samba server running) 139 udp+tcp 445 udp+tcp (did i need other things to open??? (like for nfs????))
ssh 22tcp x11 (needed for SOME graphical ssh output) 6000-60063 udp+tcp
===================== question a) what port (service name) i miss here to get the nfs also with libreoffice to work.
question b) how did i see in an old setup (susefirewall2) what ports are open (not the service names inside yast2 these where in my old setup ONLY NFS-client NFS-server SSH-server but there must be more ports behind this "synonyms" than in the new firewalld-yast setup)
question c) how did i see in a firewalld setup (or some log file) what port libreoffice was ask for an was blocked.
question d) did i have to open for samba more ports(service-names-in-yast) (as i also need not only "nfs3" for nfs (+mountd+rpc-bind)
Not answering your question directly but firewalld's nfs profile is only for nfsv4 you need to include nfs3 as well to cover the udp ports -- To unsubscribe, e-mail: opensuse-support+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-support+owner@opensuse.org