Linux: Iptables rules for different services

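Below is the configuration for an NFS server. Set fixed ports for the NFS helper daemons in /etc/sysconfig/nfs so that they can be allowed through the firewall:

# vi /etc/sysconfig/nfs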
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020

Now restart the services:

# service portmap restart
# service nfs restart
# service rpcsvcgssd restart

Now add the rules to iptables:

-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 32803 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 32769 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
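The check below is an added example, not part of the original page: it cross-checks the ports pinned in /etc/sysconfig/nfs against the ACCEPT rules and reports any listener left without a rule. The function names are hypothetical, the sample input is constructed from the settings and rules above, and the port-to-protocol mapping follows the rule set on this page.

```shell
# Constructed sample input: the settings and rules shown on this page.
NFS_CONF='LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020'

RULES='-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 32803 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 32769 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.2.0/24 -p udp -m udp --dport 662 -j ACCEPT'

# required_listeners CONF: print "proto port" for every inbound listener.
required_listeners() {
    printf '%s\n' 'tcp 111' 'udp 111' 'tcp 2049'   # portmapper and nfsd (fixed ports)
    printf '%s\n' "$1" | while IFS='=' read -r key port; do
        case "$key" in
            LOCKD_TCPPORT) echo "tcp $port" ;;
            LOCKD_UDPPORT) echo "udp $port" ;;
            MOUNTD_PORT|RQUOTAD_PORT|STATD_PORT)
                echo "tcp $port"; echo "udp $port" ;;
            # STATD_OUTGOING_PORT is an outgoing source port: no inbound rule needed.
        esac
    done
}

# missing_rules CONF RULES: print "proto/port" for listeners with no ACCEPT rule.
missing_rules() {
    required_listeners "$1" | while read -r proto port; do
        if ! printf '%s\n' "$2" | grep -Eq -- "-p $proto .*--dport $port -j ACCEPT\$"; then
            echo "$proto/$port"
        fi
    done
}

# Prints nothing when every pinned port is covered, as with the rule set above.
missing_rules "$NFS_CONF" "$RULES"
```

To run it against a live host, pass the contents of /etc/sysconfig/nfs and the output of iptables-save as the two arguments instead of the embedded samples.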
