Mailinglist Archive: opensuse-factory (266 mails)

< Previous Next >
Re: [opensuse-factory] netcfg (15.1 and TW)

Am 18.05.20 um 16:10 schrieb Martin Wilck:
On Mon, 2020-05-18 at 15:48 +0200, Hans-Peter Jansen wrote:
I don't think portmap is able to do modify firewalld configuration.
make firewalld + nfs server work, I used a fixed port for mountd in

MOUNTD_OPTIONS="--port 20033"

... and opened port 20033/udp in the firewalld zone in addition to
standard nfs/nfs3/rpc-bind services.

If there's a more elegant way to achieve the same result, I'd be
to learn about it.

I've just used nfs3, mountd, and rpc-bind services to successfully
nfs3 shares (e.g. for vSphere hosts).

Yuck, there's a "mountd" firewalld service! I overlooked that...
/me naïvely thinking that enabling "nfs3" should be enough, and not
looking further.

Thanks a lot,

i have not followed all here, but maybe this is the "more elegant way":

(it was discussed on the opensuse mailing list 12.06.18
"firwealld and nfs ?")

nfs3 has static ports, nfs dynamic ports (portmapper)
if nfs3 works, and nfs not, its because
susefirewall was able to work with portmapper (dynamic ports),
firewalld is not able to do.
you have to configure nfs to use static ports if
you use firewalld.
there should be a firewalld-rpcbind-helper script (it was at least 2018+2019
for tumbleweed)
you could install.
the process would be:
save your /etc/sysconfig/nfs
maybe you would like, if not already inside this file, insert: RQUOTAD_PORT=""
to show what you are using: -r -p nfs-server -s mountd nlockmgr
make static: --static-config -p nfs-server --non-interactive
--port-config "mountd=20100 status=20200 nlockmgr=20300 rquotad=20400"
to show what you have done: -l -p nfs-server
gernerate new firewall rules: -p nfs-server --create-firewalld-service
use yast to insert this new rules,
and delete the old rules: nfs + nfs3



To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups