Gentoo Archives: gentoo-user

From:	Daniel Iliev <danny@××××××××.com>
To:	gentoo-user@l.g.o
Subject:	Re: [gentoo-user] nfs and iptables
Date:	Fri, 23 Jun 2006 09:47:29
Message-Id:	`36022.10.0.1.1.1151055493.squirrel@mail.ilievnet.com`
In Reply to:	[gentoo-user] nfs and iptables by Arnau Bria

1	On Fri, June 23, 2006 12:04 pm, Arnau Bria wrote:
2
3	>
4	> Well, so I set next rule in my firewall:
5	> -A INPUT -d 193.146.196.198 -i eth0 -p tcp -m tcp --dport 111 -j ACCEPT
6	> -A INPUT -d 193.146.196.198 -i eth0 -p tcp -m tcp --dport 111 -j LOG
7	> --log-prefix "NFS (tcp) Input: " --log-level 7 -A INPUT -d
8	> 193.146.196.198 -i eth0 -p udp -m udp --dport 111 -j LOG --log-prefix
9	> "NFS (udp) Input: " --log-level 7 -A INPUT -d 193.146.196.198 -i eth0
10	> -p udp -m udp --dport 111 -j ACCEPT
11
12	My first guess is that you have another FW rule which matches those packets and
13	drops them before they meet the rule you mention.
14	You could try:
15
16	-D INPUT -d 193.146.196.198 -i eth0 -p tcp -m tcp --dport 111 -j ACCEPT
17	-I INPUT -d 193.146.196.198 -i eth0 -p tcp -m tcp --dport 111 -j ACCEPT
18	(drop the rule and insert it on top of all other)
19
20
21
22	--
23	Best regards,
24	Daniel
25
26	--
27	gentoo-user@g.o mailing list

Subject	Author
Re: [gentoo-user] nfs and iptables	Arnau Bria <arnau@×××××××××.net>