Configuring NFS under Linux for IPTABLES control - Gentoo Update

Date: Thu, 8 May 2003 09:49:59 +0200
From: Andrew Glen-Young <andy(at)metropolis(dot)co(dot)za>
To: chris@lowth.com
Subject: Configuring NFS under Linux for IPTABLES control - Gentoo Update

Hello,

Regarding your article: Configuring NFS under Linux for IPTABLES control,
you have asked for "news of using this approach on other Linuxes".

Here is a quick description of how to do this under Gentoo Linux.
-----------------------------------------------------------------
1. Install the nfs-utils and portmapper ebuilds.
2. Edit your /etc/conf.d/nfs file.
3. Change the "OPTS" options as suggested in the example file.
4. Start/Restart the service.

e.g. /etc/conf.d/nfs
--------------------
# Config file for /etc/init.d/nfs

# Number of servers to be started up by default
RPCNFSDCOUNT=8

# Options to pass to rpc.mountd. You can obviously set the port numbers
# differently.
RPCMOUNTDOPTS="-p 32767"

# Options to pass to rpc.statd
RPCSTATDOPTS="-p 32765 -o 32766"

# OPTIONS to pass to rpc.rquotad
RPCRQUOTADOPTS="-p 32764"

I also noticed that you do not set the out-going port number for rpc.statd. As
per the NFS-HOWTO:

"To force statd to bind to a particular port, use the -p portnum option. To
force statd to respond on a particular port, additionally use the -o portnum
option when starting it."

"For example, to have statd broadcast of port 32765 and listen on port 32766,
and mountd listen on port 32767, you would type:

# statd -p 32765 -o 32766
# mountd -p 32767"

Hope this is useful...
Andrew.
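
Added example, not part of the message above or of the original article: a check that the ports pinned in /etc/conf.d/nfs are the ones the daemons actually registered with the portmapper, so the iptables rules written for those ports match real traffic. The function names `pinned_port` and `check_ports` are hypothetical, and both sample inputs are constructed.

```shell
# Added example: check that the ports pinned in /etc/conf.d/nfs are the ones
# the daemons registered with the portmapper (as listed by `rpcinfo -p`).

# pinned_port FILE VAR: print the port that follows "-p" in VAR="..."
pinned_port() {
    sed -n "s/^$2=\"\(.*\)\"\$/\1/p" "$1" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "-p") print $(i + 1) }'
}

# check_ports CONF RPCINFO: one line per service, non-zero status on mismatch.
# statd's -o port is a source port for outgoing traffic, so rpcinfo never lists it.
check_ports() {
    conf=$1 rpc=$2 bad=0
    for pair in RPCMOUNTDOPTS:mountd RPCSTATDOPTS:status RPCRQUOTADOPTS:rquotad; do
        var=${pair%%:*} svc=${pair##*:}
        want=$(pinned_port "$conf" "$var")
        got=$(awk -v s="$svc" '$5 == s { print $4 }' "$rpc" | sort -u | tr '\n' ' ')
        got=${got% }
        if [ -n "$want" ] && [ "$got" = "$want" ]; then
            echo "OK   $svc on $got"
        else
            echo "FAIL $svc pinned=${want:-none} registered=${got:-none}"
            bad=1
        fi
    done
    return $bad
}

# Constructed sample inputs (not captured from a real host).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/nfs" <<'EOF'
RPCNFSDCOUNT=8
RPCMOUNTDOPTS="-p 32767"
RPCSTATDOPTS="-p 32765 -o 32766"
RPCRQUOTADOPTS="-p 32764"
EOF
cat > "$tmp/rpcinfo" <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100024    1   udp  32765  status
    100024    1   tcp  32765  status
    100011    1   udp  32764  rquotad
    100003    2   udp   2049  nfs
    100005    1   udp  32767  mountd
    100005    1   tcp  32767  mountd
EOF
check_ports "$tmp/nfs" "$tmp/rpcinfo"
```

On a real host, pass /etc/conf.d/nfs and a file holding the saved output of `rpcinfo -p`; a FAIL line means a daemon is listening somewhere the firewall rules do not expect.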