3

I am setting up an NFS sevrer on ubuntu 12.04 LTS server.

Running 

nmap SERVER-IP

on the sever gives me:

PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
2049/tcp open  nfs

which seems to indicate the NFS server runs

But on the client, doing the same gives me

   PORT     STATE    SERVICE
   22/tcp   open     ssh
   5631/tcp filtered pcanywheredata

The firewall (ufw) is disabled on the server and client.

Because of this I can't mount my exported folders on the client.

Any idea what prevents my client from seeing port 111 open?

Zanna
  • 70,465
user166754
  • 31
  • 1
  • 1
  • 2
  • Is it possible you have a router/gateway between the machine doing the scanning and the server which has this port open? run traceroute SERVER-IP and, if the list is short, try scanning each machine. That could get time consuming though – jackweirdy Jun 12 '13 at 23:23
  • 1
    From the server, use netstat instead of nmap, since it will show what address each thing is listening on. Output of these commands will be useful: server: sudo netstat -utlnp; client: sudo nmap -v --reason -p 111,2049 $server; client: rpcinfo -p $server – bonsaiviking Jun 28 '13 at 14:49

2 Answers2

1

You are allowing all incoming packets to the localhost interface but not on other interfaces.

Therefore you can see the open port locally but not from another machine.

You have to allow all incoming packets to port 111 like this:

iptables -A INPUT -p tcp --dport 111 -j ACCEPT

This will explain iptables really well.

Mick
  • 111
  • 4
0

This is because the nfs client also depends on rpcbind. However, You can stop it being running but it is recommended to run it on a nfs client also, as rpcbind involves username <--> userID mapping between nfs-server and nfs-client.

krs4keshara
  • 159
  • 2
  • 7