Linux Iptables Allow NFS Clients to Access the NFS Server

To allow NFS clients to access an NFS server using iptables on Linux, you need to configure the firewall to allow traffic on the appropriate ports. NFS uses a combination of UDP and TCP, so you will need to open both types of traffic.

Here are the steps to allow NFS clients to access the NFS server using iptables:

  1. Allow traffic on port 2049 (both UDP and TCP), which is the default port for NFS traffic:
    sudo iptables -A INPUT -p udp --dport 2049 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 2049 -j ACCEPT
  2. If you are using NFSv3, allow traffic on port 111 (both UDP and TCP) and port 32765 (UDP only) for the RPC bind service and the RPC mountd service:
    sudo iptables -A INPUT -p udp --dport 111 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 111 -j ACCEPT
    sudo iptables -A INPUT -p udp --dport 32765 -j ACCEPT
  3. If you are using NFSv4, allow traffic on port 2049 (both UDP and TCP) and port 32803 (TCP only) for the RPC bind service and the RPC mountd service:
    sudo iptables -A INPUT -p udp --dport 2049 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 2049 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 32803 -j ACCEPT
  4. Save the iptables rules so they will persist across reboots:
    sudo service iptables save

Once these rules are in place, your NFS clients should be able to access the NFS server without any issues. Note that you may need to adjust these rules depending on your specific network configuration and NFS setup.
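
The rules above accept traffic from any source address. As an added example (not part of the original page), the script below reads rules in `iptables -S INPUT` format and lists ACCEPT rules on this page's NFS ports that have no `-s` source match. The function names and the sample ruleset using 192.0.2.0/24 are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit INPUT rules in `iptables -S` format for the NFS ports
# used on this page and report ACCEPT rules that have no source (-s) match.

NFS_PORTS="111 2049 32765 32803"   # ports taken from the steps above

# find_unrestricted (hypothetical helper): reads `iptables -S INPUT` lines on
# stdin and prints "proto/port" for each ACCEPT rule on an NFS port lacking -s.
find_unrestricted() {
    awk -v ports="$NFS_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "-A" && $2 == "INPUT" {
            proto = ""; port = ""; src = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") port   = $(i + 1)
                if ($i == "-s")      src    = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (target == "ACCEPT" && (port in want) && src == "")
                print proto "/" port
        }'
}

# Constructed sample ruleset (not captured from a real host)
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp --dport 2049 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p udp -m udp --dport 32765 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

# On a live server: sudo iptables -S INPUT | find_unrestricted
sample_rules | find_unrestricted
```

Any port it lists is reachable from every host that can route to the server; re-adding that rule with `-s` set to the client subnet limits it to the NFS clients.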
