Bug 831889 - The default iptables rule prevent nfs from working
The default iptables rule prevent nfs from working
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: firewalld (Show other bugs)
All Linux
unspecified Severity medium
: rc
: ---
Assigned To: Thomas Woerner
Jan Ščotka
Depends On:
  Show dependency treegraph
Reported: 2012-06-13 22:35 EDT by Weibing Zhang
Modified: 2014-06-13 06:02 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-06-13 06:02:13 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Weibing Zhang 2012-06-13 22:35:16 EDT
Description of problem:
The default iptables rule prevent nfs from working.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. install RHEL7 and start the nfs server and export share.
2. visit the nfs share on another host.
Actual results:
1. can not access the nfs share from remote host.
2. stop the iptables service on the host and the share can be reached.
Expected results:
NFS share should be avaliable without modifying iptables as in RHEL6.

Additional info:
Comment 2 Thomas Woerner 2012-11-12 06:16:20 EST
IN RHEL-7 firewalld is the new firewall solution. If you want to be able to access your local NFSv4 from other hosts, enable the nfs service in firewalld: firewall-cmd: firewall-cmd --add-service=nfs

If you want to disable the firewall, use: systemctl stop firewalld.service
Comment 8 Thomas Woerner 2014-01-09 06:48:54 EST
Assigning to firewalld. Marking as modified, the needed service entries are there.
Comment 11 Ludek Smid 2014-06-13 06:02:13 EDT
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.