Allowing NFS through iptables/firewalld


CentOS 7: firewalld

# Look at current firewalld settings: 
[root@qof ~]# firewall-cmd --list-all
public (active)
 target: default
 icmp-block-inversion: no
 interfaces: eno1 eno2
 sources: 
 services: ssh dhcpv6-client
 ports: 
 protocols: 
 masquerade: no
 forward-ports: 
 source-ports: 
 icmp-blocks: 
 rich rules: 
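# Add the NFS services to firewalld's allowed services. --permanent writes the change to the saved configuration only, so it survives reloads and reboots but does not take effect until the --reload below.
# No --zone is given, so the services are added to the default zone (public here), which covers eno1 and eno2 with no source restriction: any host that can reach those interfaces can reach NFS, mountd and rpcbind.
# To limit access to known NFS clients, allow the services through a rich rule with a source address, or in a separate zone bound to the client subnet, rather than zone-wide.
# mountd and rpc-bind are needed for NFSv3 clients; an NFSv4-only server needs just the nfs service.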
[root@qof ~]# firewall-cmd --permanent --add-service=nfs 
success
[root@qof ~]# firewall-cmd --permanent --add-service=mountd
success
[root@qof ~]# firewall-cmd --permanent --add-service=rpc-bind
success
[root@qof ~]# firewall-cmd --reload
success
# Verify that the new services are still listed after the reload
[root@qof ~]# firewall-cmd --list-all
public (active)
 target: default
 icmp-block-inversion: no
 interfaces: eno1 eno2
 sources: 
 services: ssh dhcpv6-client nfs mountd rpc-bind
 ports: 
 protocols: 
 masquerade: no
 forward-ports: 
 source-ports: 
 icmp-blocks: 
 rich rules: