This is an old revision of the document!
This is the notes from my setup.
I am setting up server for NFSv4 without Security IP based access list.
NOTE : Match your uid with anonuid
/home 192.168.1.0/24(rw,sync,insecure,root_squash,no_subtree_check,fsid=0) /home/download 192.168.1.4(rw,nohide,sync,insecure,no_root_squash,no_subtree_check,anonuid=1000,anongid=100) /home/movies 192.168.1.4(rw,nohide,sync,insecure,no_root_squash,no_subtree_check,anonuid=1000,anongid=100) /home/net/Pictures 192.168.1.4(rw,nohide,sync,insecure,no_root_squash,no_subtree_check,anonuid=1000,anongid=100)
Now change following settings.
If any of the variable not exists please add as new line.
NOTE : Use What ever port you like match to the iptables rule after.
LOCKD_TCPPORT=59620 LOCKD_UDPPORT=59620 STATD_PORT=59622 MOUNTD_PORT=59621
Add Following lines to your firewall rules.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 59620 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 59621 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 59622 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 59620 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 59621 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 59622 -j ACCEPT
Now restart / start all modified services.
In new Fedora it is some thing like as follow
Some server require to be started in specific order.
To setup client to mount exported FS use following.
192.168.1.5:download /opt/download nfs4 proto=tcp,intr,rw 0 0 192.168.1.5:movies /opt/movies nfs4 proto=tcp,intr,rw 0 0 192.168.1.5:net/Pictures /opt/Picture nfs4 proto=tcp,intr,rw 0 0 192.168.1.5:net/Music /opt/Music nfs4 proto=tcp,intr,rw 0 0
You can refer following manual for further information.
Since all these is some how i gathered from these documentation.