0

I have a virtual server with Ubuntu Server 14 LTS. The provider has offered me NFS storage which I wanted to mount on the virtual server:

mount -t nfs 192.0.2.4:/space /mnt/nfs

However, I cannot mount it unless I completely disable iptables. My default settings were:

 # Generated by iptables-save v1.4.21 on Sat Jan 16 17:26:45 2016
 *filter

:INPUT DROP [184351:16661270]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [552598:2332433572]

-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s myip/32 -j ACCEPT
-A INPUT -s 192.0.2.4/32 -j ACCEPT

COMMIT

# Completed on Sat Jan 16 17:26:45 2016

I tried to allow the additional IP 192.0.2.4 completely (see above), but it does not change anything: I cannot mount the drive unless I completely allow all traffic:

iptables -P INPUT ACCEPT

Why is that? What do I have to do in order to make it work?

kasperd
  • 30,455
  • 17
  • 76
  • 124
andreas
  • 221
  • 1
  • 4
  • 11
  • I'm voting to close this question as a duplicate of [this search - nfs iptables](http://serverfault.com/search?q=iptables+nfs). This question has been asked before and already has answers. – user9517 Jan 16 '16 at 16:12
  • @lain you are right, now I can see some similar questions. However I would like to know why allowing all traffic from that IP is not enough. – andreas Jan 16 '16 at 16:16
  • Without seeing your full INPUT ruleset my guess would be that using `-A` is adding a rule after one that DROPs connections. Again we have lots of Q&A about that too - search is your friend. – user9517 Jan 16 '16 at 16:26
  • @lain full iptables output is there now. – andreas Jan 16 '16 at 16:28
  • @MichaelHampton sorry that was a typo, the above are just the policies, the output came from iptables-save. – andreas Jan 16 '16 at 16:34

0 Answers0