Hello,

I'm trying to configure the firewall on a client to allow that client
to mount an nfs directory. The client runs a netfilter firewall, the
server uses tcpwrapper.

rpcinfo -p on the server shows:

beryl rmason # rpcinfo -p
 program vers proto  port
  100000   2  tcp   111 portmapper
  100000   2  udp   111 portmapper
  100024   1  udp 32765 status
  100024   1  tcp 32765 status
  100003   2  udp  2049 nfs
  100003   3  udp  2049 nfs
  100003   2  tcp  2049 nfs
  100003   3  tcp  2049 nfs
  100021   1  udp  4001 nlockmgr
  100021   3  udp  4001 nlockmgr
  100021   4  udp  4001 nlockmgr
  100021   1  tcp  4001 nlockmgr
  100021   3  tcp  4001 nlockmgr
  100021   4  tcp  4001 nlockmgr
  100005   1  udp 32767 mountd
  100005   1  tcp 32767 mountd
  100005   2  udp 32767 mountd
  100005   2  tcp 32767 mountd
  100005   3  udp 32767 mountd
  100005   3  tcp 32767 mountd

When I try to mount the exported directory when the firewall is
running I get a timeout:

minnie ~ $ mount -v Help/
mount: trying 134.153.37.5 prog 100003 vers 3 prot tcp port 2049
mount: trying 134.153.37.5 prog 100005 vers 3 prot udp port 32767
mount: mount to NFS server 'beryl.esd.mun.ca' failed: timed out
(retrying).

If I drop the client firewall the mount succeeds.

Can someone help me figure out what must be put in my iptables script
to get this to work?

Thanks,
Roger
--
gentoo-user@(protected)