Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
SuSE 9.2 + SuSEfirewall2 + nfs problems
I have a new fileserver running SuSE 9.2. Amongst other services it exports NFS shares. I've used Yast to configure the firewall, checking the NFS option.

I have had problems where remote NFS clients either timeout trying to communicate with the server (ping/ssh work fine). After some messing (turn services on and off, flush iptables, etc) it now seems to work.

However I notice some dropped packets from one of the NFS clients:

Mar 15 09:38:55 zzz kernel: SFW2-INext-DROP-DEFLT-INV IN=eth0 OUT= MAC=00:0d:56:
b8:5a:f4:08:00:69:0d:9a:2e:08:00 LEN=40 TOS
=0x00 PREC=0x00 TTL=60 ID=12095 DF PROTO=TCP SPT=757 DPT=2049 WINDOW=32761 RES=0

These are occurring on average about once a minute, but the timings vary - there can be gaps of up to eight minutes and then again they may be as close as a few seconds apart.

rpcinfo indicates the following for port 2049:

100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100227 3 udp 2049 nfs_acl
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl

There are no noticeable affects on the remote client!

Any ideas what is happening?


Simon Oliver

< Previous Next >
Follow Ups