Differences

This shows you the differences between two versions of the page.

doc:howto:nfs.server [2013/03/08 19:48]
fathom
doc:howto:nfs.server [2013/12/25 15:17] (current)
yeti mention kmod-loop ... https://dev.openwrt.org/ticket/11541
Line 38: Line 38:
**NOTE:** You do not need all packages: **''nfs-kernel-server''** should suffice. **NOTE:** You do not need all packages: **''nfs-kernel-server''** should suffice.
 +
 +**NOTE:** You may need to install kmod-loop manually to fix "mount: can't setup loop device: No such file or directory" errors. (see https://dev.openwrt.org/ticket/11541)
=== Client (your PCs) === === Client (your PCs) ===
Line 61: Line 63:
$IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p tcp --dport 32777:32780 #----------- nfsd $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p tcp --dport 32777:32780 #----------- nfsd
$IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p udp --dport 32777:32780 #----------- nfsd $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p udp --dport 32777:32780 #----------- nfsd
-$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK #-- don't track nfs +$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack #-- don't track nfs 
-$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j NOTRACK #-- don't track nfs +$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j CT --notrack #-- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK #- don't track nfs +$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack #- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --dport 32777:32780 -j NOTRACK #- don't track nfs+$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --dport 32777:32780 -j CT --notrack #- don't track nfs
</code> </code>
Line 81: Line 83:
Assuming the daemons are already running, use the command ''exportfs -ar'' to reload and apply changes on the fly. Assuming the daemons are already running, use the command ''exportfs -ar'' to reload and apply changes on the fly.
 +
 +=== Start on boot ===
 +Since //opkg//-installed init.d scripts are not enabled nor started by default, you need to do this manually. Same procedure as with most (all?) OpenWrt packages: The first commands will will start them right now, the third and fourth will create the symlinks ''/etc/rc.d/S??portmap'' and  ''/etc/rc.d/S??nfsd'' so they get started on boot:
 +
 +<code>
 +root@OpenWrt:~# /etc/init.d/portmap start
 +root@OpenWrt:~# /etc/init.d/nfsd start
 +root@OpenWrt:~# /etc/init.d/portmap enable
 +root@OpenWrt:~# /etc/init.d/nfsd enable
 +</code>
 +
 +After start (and after a reboot) verify with ''top'' or ''ps'' whether the services are running.\\
 +The following entries should appear in the process list:
 +
 +<code>
 +/usr/sbin/rpc.mountd -p 32780   
 +/usr/sbin/rpc.statd -p 32778 -o 32779
 +/usr/sbin/portmap
 +</code>
 +
 +Use the ''netstat -l'' command to see whether //portmap// is listening on port 111 for both tcp and udp. The //nfsd// process may use varying ports.
==== Client configuration ==== ==== Client configuration ====
Line 104: Line 127:
Java client: . Java client: .
TODO TODO
- 
-===== Start on boot ===== 
-Since //opkg//-installed init.d scripts are not enabled nor started by default, you need to do this manually. Same procedure as with most (all?) OpenWrt packages: The first commands will will start them right now, the third and fourth will create the symlinks ''/etc/rc.d/S??portmap'' and  ''/etc/rc.d/S??nfsd'' so they get started on boot: 
- 
-<code> 
-root@OpenWrt:~# /etc/init.d/portmap start 
-root@OpenWrt:~# /etc/init.d/nfsd start 
-root@OpenWrt:~# /etc/init.d/portmap enable 
-root@OpenWrt:~# /etc/init.d/nfsd enable 
-</code> 
- 
-After start (and after a reboot) verify with ''top'' or ''ps'' whether the services are running.\\ 
-The following entries should appear in the process list: 
- 
-<code> 
-/usr/sbin/rpc.mountd -p 32780     
-/usr/sbin/rpc.statd -p 32778 -o 32779 
-/usr/sbin/portmap 
-</code> 
- 
-Use the ''netstat -l'' command to see whether //portmap// is listening on port 111 for both tcp and udp. The //nfsd// process may use varying ports. 
===== Problems ===== ===== Problems =====
Line 153: Line 155:
Since [[doc:howto:netfilter]] will track every connection, if you use MASQUERADING for example, you could disable con-tracking for data connections: Since [[doc:howto:netfilter]] will track every connection, if you use MASQUERADING for example, you could disable con-tracking for data connections:
<code sh> <code sh>
-$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK #---------- don't track nfs +$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack #---------- don't track nfs 
-$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j NOTRACK #---------- don't track nfs +$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j CT --notrack #---------- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --sport 32777:32780 -j NOTRACK #---------- don't track nfs +$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --sport 32777:32780 -j CT --notrack #---------- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --sport 32777:32780 -j NOTRACK #---------- don't track nfs+$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --sport 32777:32780 -j CT --notrack #---------- don't track nfs
</code> </code>

Back to top

doc/howto/nfs.server.1362768495.txt.bz2 · Last modified: 2013/03/08 19:48 by fathom