Tutorial – Configure IPTables for NFS Server on CentOS 6

This tutorial will take you through configuring iptables to allow client connections to your NFS service.

Allowing access to your NFS shares isn’t as simple as opening up a single protocol/port combo. There’s a quite a number of different ports required utilizing both TCP and UDP. We also need to make our lives easier to statically setting the ports for some of the NFS related services.

[box type="info"] Just note that this document assumes CentOS 6 for all example code and references. Syntax, file locations and codes may vary based on your distribution.[/box]

Step 1: Configure NFS Ports

The NFS service uses the RPC Bind service to advertise the protocols/ports it’s using. To make our iptables config nice and clean, we’ll statically configure these ports rather than leave it up to the RPC God to decide.

Edit the NFS port definitions file

Un-comment the following lines and save the file.

Now restart the NFS and RPC Bind services

Step 2: Configure IPTables

At this point, if you tried to run “rpcinfo -p server1″ or “showmount -e server1″ you’ll get errors

Lets go about sticking 2 new rules at the beginning of the INPUT chain that allows our NFS and RPC services to work.

[box type=info] In some circumstances it is required to restart the NFS service after the firewall changes have been made.[/box]

Lets check those showmount and rcpinfo commands again

….looking good! Lets save our iptables config to make it persistent through reboots

Step 3: Mount the NFS Share

Now that all the hard stuff is out of the way, lets mount our NFS share. So from your client machine attempt to mount

The mount command, when successful, won’t output any messages.

[author] [author_image timthumb='on']http://mcdee.com.au/wp-content/uploads/2012/11/photo.jpg[/author_image] [author_info]Andrew McDonald is an IT Systems Admin and all round technology junkie. Absolutely a jack-of-all-trades and not one to shy away from a challenge.


[/author_info] [/author]

  13 comments

  1. Jahanzeb   •  

    Hello

    Thank you so much. it took me hell lot of time to find out this solution. As the solution is not easy to find on internet.

  2. anonymous   •  

    thanks :D

  3. Ricardo R   •  

    Gracias!

  4. Pingback: How to setup nfs server on centos 6 | GANGESH SHARMA(MCA,MCP,JCHNP)

  5. Diego Santana   •  

    Muito bom Andrew, funcionou perfeitamente, parabéns pelo tutorial!

  6. Absar   •  

    It is excellent article. Perhaps you may like to highlight use of 1 port 2049 only if NFS4 is to be supported only.

  7. Hadrian   •  

    Awesome solution. Thanks for sharing this!

  8. Mick   •  

    Clear & concise; excellent!

  9. Pingback: Centos Tutorials | Kuplux's

  10. Pingback: Centos Server Tutorial | Kuplux's

  11. Pingback: Резервное копирование в NFS хранилище в Proxmox | Diary of a madman

  12. Sergio Santos   •  

    Nice tutorial. Thanks for sharing

  13. David Schuler   •  

    A very helpful document to reference while setting up a virtual HPC cluster under VirtualBox for testing installation procedures.

Leave a Reply to Jahanzeb Cancel reply

Your email address will not be published. Required fields are marked *


− two = 1

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">