Reposted from https://www.cnblogs.com/architectforest/p/12360766.html
**Firewall configuration when using NFSv4**
I. Check the local CentOS version:
[root@localhost lib]# cat /etc/redhat-release
CentOS Linux release 8.1.1911 (Core)
II. Listing the directories exported by the server fails with an error:
[root@localhost liuhongdi]# showmount -e 192.168.3.172
clnt_create: RPC: Unable to receive
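Explanation of the error:
The firewall is enabled on the server, so RPC cannot connect to the server.
III. Allow the NFS client to connect to the NFS server through the firewall
1. Add the nfs services to the firewall on the NFS server. Without --permanent, these rules change only the runtime configuration and are lost when firewalld is reloaded or restarted: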
[root@localhost liuhongdi]# firewall-cmd --add-service=nfs
success
[root@localhost liuhongdi]# firewall-cmd --add-service=rpc-bind
success
[root@localhost liuhongdi]# firewall-cmd --add-service=mountd
success
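2. The usual approach in production:
Add the NFS client's IP address to the firewall on the NFS server. Note that the rule below accepts all traffic from that address, not only NFS: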
[root@localhost liuhongdi]# firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="43.229.53.61" accept'
[root@localhost liuhongdi]# firewall-cmd --reload
success
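
The rich rule above accepts every port from the client address. As an added example, not from the original post, this script builds rich rules that combine the source address with the three services from step 1, so the client can reach only NFS; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: least-privilege firewalld rich rules for one NFS client.
# Function names are hypothetical; the services are the ones used in step 1.
NFS_SERVICES="nfs rpc-bind mountd"

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # safe to split: only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print one rich rule per service, each scoped to the client address in $1.
nfs_rich_rules() {
    is_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 1; }
    for svc in $NFS_SERVICES; do
        printf 'rule family="ipv4" source address="%s" service name="%s" accept\n' \
            "$1" "$svc"
    done
}

# Print the firewall-cmd commands for review before running them as root
# on the NFS server. Nothing is executed here.
nfs_firewall_commands() {
    rules=$(nfs_rich_rules "$1") || return 1
    printf '%s\n' "$rules" | while IFS= read -r rule; do
        printf "firewall-cmd --permanent --add-rich-rule='%s'\n" "$rule"
    done
    echo "firewall-cmd --reload"
}

# When run as a script with an address argument, print the commands.
if [ "$#" -gt 0 ]; then
    nfs_firewall_commands "$1"
fi
```

If clients mount with NFSv4 only and never run showmount, setting NFS_SERVICES to just nfs is enough, since rpc-bind and mountd are used by showmount and NFSv3.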