Hello, I am setting up the SuSEfirewall2 package to allow access to some services on my LAN server. One of the services I need to provide is NFS. A quick look at /etc/services indicates that port 111 (tcp/udp) and port 2049 (tcp/udp) provides rpc and nfs respectively. So I added these numbers to the list in /etc/rc.config.d/firewall2.rc.config under # Common: smtp domain FW_SERVICES_EXT_TCP="domain smtp ssh www ftp 3128 139 111 2049" # Common: domain FW_SERVICES_EXT_UDP="domain 111 2049" Unfortunately, this doesn't quite cut it. (and yes, nfs mounting does work w/ the firewall turned off, just not w/ it turned on) When I try to mount an NFS share, I get this on the client: demandred:/ # mount -t nfs lansvr:/cdrom /mnt mount: RPC: Timed out demandred:/ # And this in /var/log/messages on the server: Dec 21 18:38:09 lansvr kernel: SuSE-FW-ACCEPTIN=eth0 OUT= MAC=00:a0:cc:3b:b4:0b:00:10:5a:11:8a:bc:08:00 SRC=192.168.1.3 DST=192.168.1.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8553 DF PROTO=TCP SPT=656 DPT=111 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0939AF5F0000000001030300) I'm not so good at grokking iptables output, so what I'm seeing here is source addr 192.168.1.3, destination addr 192.168.1.10,, some other garbage, protocol=tcp, source port 656, destination port 111, and then some other garbage. Doesn't really tell me much. Anyone care to take a stab as to where I need to look/ what I need to do to get this working? My server's CD drive was recently replaced w/ a DVD drive so I can finally just mount the DVD on the server and export it to all the client desktops for yast to use, and this is the major stumbling block so far on this project. TIA, Monte _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com