-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I get some of these: <0.4> 2018-06-21 13:56:45 Telcontar kernel - - - [169799.461256] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:1c:83:41:1b:d8:33:08:00 SRC=192.168.1.127 DST=192.168.1.14 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=54173 DF PROTO=TCP SPT=721 DPT=46766 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405B40402080ACD82FEF50000000001030307) <0.4> 2018-06-21 13:56:50 Telcontar kernel - - - [169804.957656] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:00:26:9e:95:62:d9:08:00 SRC=192.168.1.129 DST=192.168.1.14 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=60573 DF PROTO=TCP SPT=844 DPT=46766 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405B40402080A03DFEA100000000001030307) <0.4> 2018-06-21 13:57:18 Telcontar kernel - - - [169832.229481] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:1c:83:41:1b:d8:33:08:00 SRC=192.168.1.127 DST=192.168.1.14 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=54174 DF PROTO=TCP SPT=721 DPT=46766 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405B40402080ACD837EF30000000001030307) <0.4> 2018-06-21 13:57:22 Telcontar kernel - - - [169837.021554] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:00:26:9e:95:62:d9:08:00 SRC=192.168.1.129 DST=192.168.1.14 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=60574 DF PROTO=TCP SPT=844 DPT=46766 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405B40402080A03E009600000000001030307) PROTO=TCP SPT=721 DPT=46766 SRC=192.168.1.127 DST=192.168.1.14 PROTO=TCP SPT=844 DPT=46766 SRC=192.168.1.129 DST=192.168.1.14 They are from two laptops; the .129 runs Leap 42.2, the .127 runs Leap 15.0. It happens just after mounting via nfs the root directory of each, then they seem to stop. The problem is, the destination port changes. /etc/sysconfig/SuSEfirewall2 on the client (desktop) has: FW_CONFIGURATIONS_EXT="bind nfs-client nfs-kernel-server ntp sshd" FW_SERVICES_ACCEPT_EXT="192.168.1.0/24,_rpc_,nfs 192.168.74.0/24,_rpc_,nfs \ fe80::/64,udp,5353 fc00::/64,udp,5353" FW_TRUSTED_NETS="... 192.168.1.127,tcp,imap 192.168.1.127,tcp,imaps\ 192.168.1.127,tcp,ftp 192.168.1.127,tcp,ftp-data 192.168.1.129,tcp,http \ 192.168.1.127,tcp,30000:30100 \ 192.168.1.127,tcp,nfs 192.168.1.127,udp,sunrpc 192.168.1.129,tcp,rsync \ ... " So nfs and sunrpc are allowed. Plus service _rpc_,nfs The nfs mounts are working fine,as far as I can see, and they are using protocol 4. /etc/exports: / 192.168.1.14(rw,no_root_squash,sync,nohide,no_subtree_check,insecure,crossmnt) \ 192.168.1.16(rw,no_root_squash,sync,nohide,no_subtree_check,insecure,crossmnt) \ 192.168.1.129(rw,no_root_squash,sync,nohide,no_subtree_check,insecure,crossmnt) /etc/fstab: Minas-Tirith:/ /mnt/nfs/Minas-Tirith nfs4 noauto,nofail,_netdev,user,users,lazytime 0 0 Legolas:/ /mnt/nfs/Legolas nfs4 noauto,nofail,_netdev,user,users,lazytime 0 0 Telcontar:~ # mount -v /mnt/nfs/Legolas mount.nfs4: timeout set for Thu Jun 21 13:58:13 2018 mount.nfs4: trying text-based options 'addr=192.168.1.127,clientaddr=192.168.1.14' Telcontar:~ # mount -v /mnt/nfs/Minas-Tirith mount.nfs4: timeout set for Thu Jun 21 13:58:19 2018 mount.nfs4: trying text-based options 'addr=192.168.1.129,clientaddr=192.168.1.14' Telcontar:~ # The firewalls on the laptops can not be compared, the new is firewald, the old SuSEfirewall2. But the problem happens on the client. So, ideas? What should I open on the firewall(s)? - -- Cheers Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlsrmJQACgkQtTMYHG2NR9UacwCeK1gdZ1Nqjfq4uLJFBwX2wVs9 1WIAnjLRUr6JIq7vMoylTWlniViDWjzq =Q3AR -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org