Iptables and nfs Configuration tutorial

Source: Internet
Author: User
Software versions
OS: RHEL 6.0 (Santiago)
Firewall: iptables v1.4.7
NFS: nfs-utils-1.2.2-7.el6.i686 (server), nfs-utils-lib (client)
 
1. Start the NFS service: service nfs start (assuming nfs-utils and portmap have been installed and iptables has been stopped)
[root@rhel6-git nfs]# service nfs start
Starting NFS services:                                     [  OK  ]
Starting NFS quotas:                                       [  OK  ]
Starting NFS daemon:                                       [  OK  ]
Starting NFS mountd:                                       [  OK  ]
2. Set the NFS service ports: vi /etc/sysconfig/nfs
Remove the comment character "#" from the following two lines and change the port numbers to your own values (must be less than 1024):
RQUOTAD_PORT=875
MOUNTD_PORT=876
3. Set the shared directory and its permissions: vi /etc/exports
# No space between the client specification and the option list: with a space,
# exportfs applies the options to all hosts and gives 192.168.254.0/24 only the defaults.
/home/nfs 192.168.254.0/24(rw,no_root_squash)
4. Restart the NFS service: service nfs restart, or exportfs -r
5. Check the network ports used by the NFS services: rpcinfo -p
[root@rhel6-git nfs]# rpcinfo -p
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100011    1   udp    875  rquotad
    100011    2   tcp    875  rquotad
    100003    2   tcp   2049  nfs
    100227    2   tcp   2049  nfs_acl
    100003    3   udp   2049  nfs
    100227    3   udp   2049  nfs_acl
    100021    1   udp  47549  nlockmgr
    100021    1   tcp  51246  nlockmgr
    100005    1   udp    876  mountd
    100005    1   tcp    876  mountd
6. Mount the NFS shared directory on the client (/mnt/nfs stands for your local mount point):
mount -t nfs nfs-server-ip:/home/nfs /mnt/nfs
or: mount.nfs nfs-server-ip:/home/nfs /mnt/nfs
7. Check NFS server information from the client: showmount nfs-server-ip (your NFS server's IP address); showmount -e nfs-server-ip lists the exported directories
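Before turning the firewall on, it is worth checking that every port rpcinfo -p advertises is covered by the rules you intend to add. The script below is an added example and not part of the tutorial: it feeds the rpcinfo -p listing from step 5 (embedded here as constructed sample text) through a small awk filter and reports the endpoints that the INPUT DROP policy of the next section would still block. With the four ports of step 4.5 allowed, it flags the two nlockmgr endpoints, which sit on random ports in the listing above; on RHEL 6 the same /etc/sysconfig/nfs file also has LOCKD_TCPPORT, LOCKD_UDPPORT and STATD_PORT settings for pinning those. The ALLOWED_PORTS value and the sample listing are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not part of the original tutorial: compare what
# `rpcinfo -p` advertises with the ports the firewall rules will accept and
# list the RPC endpoints an INPUT DROP policy would still block.

# Constructed sample: the `rpcinfo -p` listing from step 5 of the tutorial.
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100011    1   udp    875  rquotad
    100011    2   tcp    875  rquotad
    100003    2   tcp   2049  nfs
    100227    2   tcp   2049  nfs_acl
    100003    3   udp   2049  nfs
    100227    3   udp   2049  nfs_acl
    100021    1   udp  47549  nlockmgr
    100021    1   tcp  51246  nlockmgr
    100005    1   udp    876  mountd
    100005    1   tcp    876  mountd'

# Ports opened by the tutorial's step 4.5 rules (assumed value).
ALLOWED_PORTS="111 875 876 2049"

# Read an rpcinfo -p listing on stdin and print "proto/port service" for every
# endpoint whose port is not in the space-separated list given as $1.
blocked_rpc_endpoints() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NR > 1 && NF >= 5 && !($4 in ok) { print $3 "/" $4 " " $5 }
    ' | sort -u
}

# Number of distinct blocked endpoints in a listing; 0 means the rule set
# covers everything rpcinfo advertises.
# $1 = listing text, $2 = allowed ports
count_blocked() {
    printf '%s\n' "$1" | blocked_rpc_endpoints "$2" | awk 'END { print NR }'
}

# On the real server, run the live listing through the same filter:
#   rpcinfo -p | blocked_rpc_endpoints "$ALLOWED_PORTS"
```

Run it after step 5 and again after any change to /etc/sysconfig/nfs; an empty result means the port list used for the iptables rules matches what the RPC services actually bind.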


If iptables is running
1. View the current firewall status: service iptables status
or iptables -L, or iptables -S (RHEL 6 supports this option)
2. View (or edit with vi) the default firewall configuration: cat /etc/sysconfig/iptables
[root@rhel6-git nfs]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
 
Configuration file description:
*filter -- the default table is filter, which contains the built-in chains INPUT (incoming packets), FORWARD (packets passing through the host) and OUTPUT (locally generated packets). (The other tables are nat and mangle.)
:INPUT ACCEPT [0:0] -- if no rule matches, all incoming packets are accepted
:FORWARD ACCEPT [0:0] -- if no rule matches, all packets are forwarded
:OUTPUT ACCEPT [0:0] -- if no rule matches, all locally generated packets are sent
-A INPUT -i lo -j ACCEPT -- accepts all packets arriving on interface lo
-A INPUT -p icmp -j ACCEPT -- accepts all incoming ICMP packets (allows pinging the local machine)
-A INPUT -j REJECT --reject-with icmp-host-prohibited -- rejects all other incoming packets and returns an ICMP host-prohibited message to the sender
3. View the default firewall rules: iptables -L or iptables -S
[root@rhel6-git nfs]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

4. Use the firewall to expose only the NFS service on the server (assuming the NFS services have been bound to fixed ports as in step 2)
4.1 Start the firewall: service iptables start
4.2 Enable iptables at boot (runlevels 3, 4 and 5): chkconfig --level 345 iptables on
4.3 Clear all iptables rules: iptables -F
4.4 Set the default INPUT policy: iptables -P INPUT DROP
4.5 Allow network 192.168.254.0/24 to access the NFS service by adding the following rules:
iptables -A INPUT -p tcp -s 192.168.254.0/24 --dport 111 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.254.0/24 --dport 875 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.254.0/24 --dport 2049 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.254.0/24 --dport 876 -j ACCEPT
iptables -A INPUT -p udp -s 192.168.254.0/24 --dport 2049 -j ACCEPT
iptables -A INPUT -p udp -s 192.168.254.0/24 --dport 875 -j ACCEPT
iptables -A INPUT -p udp -s 192.168.254.0/24 --dport 111 -j ACCEPT
iptables -A INPUT -p udp -s 192.168.254.0/24 --dport 876 -j ACCEPT
The result is as follows:
[root@rhel6-git nfs]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  192.168.254.0/24     anywhere            tcp dpt:sunrpc
ACCEPT     tcp  --  192.168.254.0/24     anywhere            tcp dpt:rquotad
ACCEPT     tcp  --  192.168.254.0/24     anywhere            tcp dpt:nfs
ACCEPT     tcp  --  192.168.254.0/24     anywhere            tcp dpt:876
ACCEPT     udp  --  192.168.254.0/24     anywhere            udp dpt:nfs
ACCEPT     udp  --  192.168.254.0/24     anywhere            udp dpt:rquotad
ACCEPT     udp  --  192.168.254.0/24     anywhere            udp dpt:876
ACCEPT     udp  --  192.168.254.0/24     anywhere            udp dpt:sunrpc

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

4.6 In the preceding rules, ports 875 and 876 are the ones set in the configuration file /etc/sysconfig/nfs (by default, mountd and rquotad use randomly generated port numbers smaller than 1024).
4.7 The rules above are lost when iptables is restarted. To make them permanent, edit /etc/sysconfig/iptables as follows:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 192.168.254.0/24 -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -s 192.168.254.0/24 -p tcp -m tcp --dport 875 -j ACCEPT
-A INPUT -s 192.168.254.0/24 -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -s 192.168.254.0/24 -p tcp -m tcp --dport 876 -j ACCEPT
-A INPUT -s 192.168.254.0/24 -p udp -m udp --dport 2049 -j ACCEPT
-A INPUT -s 192.168.254.0/24 -p udp -m udp --dport 875 -j ACCEPT
-A INPUT -s 192.168.254.0/24 -p udp -m udp --dport 876 -j ACCEPT
-A INPUT -s 192.168.254.0/24 -p udp -m udp --dport 111 -j ACCEPT
COMMIT
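The rule set of steps 4.3 to 4.5 accepts only new connections to the NFS ports. With the INPUT policy at DROP, replies to the server's own outgoing connections, loopback traffic and the administrator's SSH session are all dropped as well, and running step 4.4 over SSH before step 4.5 cuts that session off. The script below is an added example, not part of the tutorial, that renders a complete /etc/sysconfig/iptables in the same format as the file above: the loopback, ESTABLISHED/RELATED, ICMP and SSH rules from the distribution default shown in step 2, followed by one ACCEPT per protocol and port for the client network, and the closing REJECT lines. The client network and the port list are assumed values taken from the tutorial.

```shell
#!/bin/sh
# Added example, not part of the original tutorial: render an
# /etc/sysconfig/iptables file that opens the NFS ports of step 4.5 to one
# client network while keeping the loopback, ESTABLISHED/RELATED, ICMP and
# SSH rules of the distribution default shown in step 2.

# Print one "-A INPUT ... -j ACCEPT" line per port.
# $1 = source network, $2 = protocol (tcp or udp), $3 = space-separated ports
accept_rules() {
    net="$1"; proto="$2"
    for port in $3; do
        printf '%s\n' "-A INPUT -s $net -p $proto -m $proto --dport $port -j ACCEPT"
    done
}

# Render the complete file (iptables-save format) to stdout.
# $1 = client network allowed to reach NFS, $2 = NFS ports (used for tcp and udp)
render_nfs_firewall() {
    net="$1"; ports="$2"
    cat <<'EOF'
# NFS server firewall: INPUT policy DROP, only the rules below are accepted
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
EOF
    accept_rules "$net" tcp "$ports"
    accept_rules "$net" udp "$ports"
    cat <<'EOF'
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Number of ACCEPT rules in the rendered file; a quick sanity check that
# every port produced both a tcp and a udp rule.
count_accept_rules() {
    render_nfs_firewall "$1" "$2" | grep -c -- '-j ACCEPT$'
}

# Usage on the server (values are the tutorial's, assumed here): review the
# output first, then install it and reload.
#   render_nfs_firewall 192.168.254.0/24 "111 875 876 2049" > /etc/sysconfig/iptables
#   service iptables restart
```

Because the file is loaded atomically by service iptables restart, the ACCEPT rules and the DROP policy take effect together, which avoids the window between steps 4.4 and 4.5 where an SSH session is dropped.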
Others: install the telnet service on Arch Linux
1. Update the package database and upgrade: pacman -Syu
2. Force installation of the packages: pacman -Sf inetutils xinetd
3. In /etc/xinetd.d/telnet, set disable = no
4. Start the service: /etc/rc.d/xinetd restart
5. Check that the telnet port is listening: netstat -lp | grep telnet
6. Exit telnet: press Ctrl+] and enter q
