I guess I forgot to mention, I have gotten the printing to work! I just have to disable the firewall to do it! Thats what I am trying to accomplish now, doing all this without having to disable the firewall. I will check out that link though!
Thanks
Justbill

I have tried the LINWIZ tool, that was pretty cool, just didn't seem to want to work when I put it into /etc/sysconfig/iptables , and then if I disabled, and then enabled the firewall, it always went back to the originall IPTables before I used linwiz. No luck with Guarddog either, I don't know whats going on here. I can't get the rpcinfo -p command to work either (almost time to get the shotgun) Does anyone know of any good tutorials on setting up a firewall for a home network (written in souther Missouri hillbilly(its kind of a subculture of english)) ?

Thanks
Justbill

Well, I've got the printer working with the firewall still up! NFS is next

Thanks for the Gentoo link Habu!

Justbill

Sorry can't help much as am new to netwking myself. I have setup hdwired ntwk thru hub with one PC connected to 'net thru DSL. Apparently that is not how you do it but I did it. Now have ssh for file sharing, and internet sharing setup. Also have quasinetwork printing working.

I read tons of tutorials like you. Apparently, Unix and Linux were designed and built on networks for network use and was done in academic and industry settings so there was NO ATTENTION given to the possibility that newbie desktop users were ever going to want to learn this stuff.

Most if not all computer/networking documentation is really a reference for experienced users or is very FEATURE-centric and does NOT describe how to setup various protocols and apps IN CONTEXT.

One example is a well known web filter, shipped with a mainstream distros, that has mass quantities of file configuration howtos, install howtos, compile howtos, etc. Guess what? Nowhere does it say how to access the application once it's been installed!! It was not in the GUI menu, and when you type it into a console, reply was that the app was "already installed". Three of us could not figure out how to access this app until hours later after "stumbling" across the answer. I'll accept a certain amount of responsibility for lack of understanding, but that's just plain horrible documentation.

Point is, don't be too hard on yourself.

Keep googling

i don't have any more info on guarddog.

the reason i suggest it to people is because it is one of the programs i use that is fairly easy to set up outa the box.

compared to 'other' firefalls and straight-up-iptables.. it is a dream for someone not tooo familiar with the finer aspects of firewalls.

i always have my routers wall up (or i disconnect totally) from the net when i work on my local net.

sooo taking down the dog until you've figured out how to open the (variable?) ports that nfs alocates.. should not be a worry -- (as long as you take the same precausions i do that is).

Hi All,
Well I can't help but believe that I am almost there!

I followed the directions exactly on the linwiz page that Habu posted. I am still getting "Server is Down" messege when I try to mount from box2 but I think I know where the problem is, I just don't know the solution! Please bear with me, and I will post everything I did.

First, I changed the /etc/init.d/nfslock file, this is what my output is:

start() {
if [ ! -f /var/lock/subsys/nfslock ]; then
# Start daemons.
if [ "$USERLAND_LOCKD" ]; then
echo -n $"Starting NFS locking: "
daemon rpc.lockd
echo
fi
echo -n $"Starting NFS statd: "
# See if a statd's ports has been defined
[ -n "$STATD_PORT" ] && STATDARG="$STATDARG -p $STATD_PORT"
[ -n "$STATD_OUTGOING_PORT" ] \
&& STATDARG="$STATDARG -o $STATD_OUTGOING_PORT"
daemon rpc.statd -p 4000
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/nfslock
fi
return $RETVAL
}

and this is what linwiz says it shoud be:

start() {
# Start daemons.
if [ "$USERLAND_LOCKD" ]; then
echo -n $"Starting NFS locking: "
daemon rpc.lockd
echo
fi
echo -n $"Starting NFS statd: "
daemon rpc.statd -p 4000
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/nfslock
return $RETVAL
}

Notice on my output, just below

echo -n $"Starting NFS statd: "

there is some additional text before

daemon rpc.ststd -p 4000

do I need to remove that text?

The next thing, and this is where I believ the problem is, the NFS Lock Manager. I will copy the tutorial here and explain what I did:

The NFS lock manager is a kernel module. It implements the NLM (NFS Lock Manager) part of the NFS subsystem, used for handling file and resource locks of various types. This component is sometimes referred to "rpc.lockd", and shows up in the output of rpcinfo as "nlockmgr"(hey - consistancy would only make life booring!).

On systems where the lock manager is implemented as a loadable module the port number used is set at module load time, and so is configured by adding (or editting) a line in the /etc/modules.conf file, as follows..

options lockd nlm_udpport=4001 nlm_tcpport=4001

This sets the udp and tcp/ip port numbers. Conventionally, these two numbers should be set to the same value.

If your system has the lockd code compiled into the main kernel binary rather than as a loadable module, then the settings in modules.conf wont work. You need to add the parameters "lockd.udpport=4001 lockd.tcpport=4001" to the kernel command line in the lilo or grub configuration instead.

Note on the linux kernel versions before 2.4.12: - the handling of these parameters was introduced into linux kernel version 2.4.11. But since 2.4.11 is flagged as a "dont use" release, you should verify that your system has kernel 2.4.12 or later installed in order for this to work. Use the command "uname -a" to see the kernel version you are running.

To fix the port used by the NFS Lock Manager, add a line (as above) to /etc/modules.conf or lilo.conf (or grub.conf) as appropriate, and configure the firewall to manage the port number selected. (You may find the 'LinWiz://ServerFirewall' wizard helpful when setting up a firewall for Linux).

I did not have a /etc/modules.config file, so I looked at /etc/grub.conf this is what that output was:

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You do not have a /boot partition. This means that
# all kernel and initrd paths are relative to /, eg.
# root (hd0,2)
# kernel /boot/vmlinuz-version ro root=/dev/sda3
# initrd /boot/initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,2)/boot/grub/splash.xpm.gz
hiddenmenu
title Fedora Core (2.6.14-1.1656_FC4)
root (hd0,2)
kernel /boot/vmlinuz-2.6.14-1.1656_FC4 ro root=LABEL=/1 rhgb quiet
initrd /boot/initrd-2.6.14-1.1656_FC4.img
title Fedora Core (2.6.14-1.1653_FC4)
root (hd0,2)
kernel /boot/vmlinuz-2.6.14-1.1653_FC4 ro root=LABEL=/1 rhgb quiet
initrd /boot/initrd-2.6.14-1.1653_FC4.img
title Windows XP
rootnoverify (hd0,1)
chainloader +1
[root@Goliath bill]#

I was not sure if that was the file I needed to edit, so I didn't (looked pretty scary to me!). So I created the /etc/modules.conf file using vim. I have added all the ports to SELinux in "Other Ports", and I also rebooted the computer, and then went to box2 to mount -t nfs Goliath.justbillsguitars.com:/home/bill /mnt and I got the "Server is Down" messege.

I realize I posted quite a bit here, but I wanted to try to provide as much information as possible! I do believe I am close here, and this is just some minor thing.

Thanks in advance for any help, and for taking the time to read all of this.

Justbill

P.S. I can mount from box2 to box1 with the firewall down, I am trying to do it with the firewall in place. Also, to save space I did not post the things that seem to have worked with no problem (a few of the easier linwiz steps), but if you need them I can post those outputs also.

Don't get me wrong halvy, I liked what I saw on Guarddog! It looks real user friendly, and real secure! I may switch to it after some more research, I just got a little perplexed on the Internet and local settings. Admittedly, I have a long way to go with my understanding of what things mean in the computer world. I need real clear instructions.

I really appreciate all of your efforts, habu's efforts, and everyone else who has contributed to this thread, and my effort to get my network up and going, and my firewall tweaked.

Justbill

Hi All!

To try to be subtle, I DID IT, I DID IT, I DID IT!!!!!

I deleted that section of script in /etc/init.d/nfslock, and then remembered I forgot to add 111:tcp, 111:udp, 4002:tcp, & 4002:udp to the "other ports" in SELinux. Did that, and it mounted right away!

Many Thanks to all who helped with this project! So I guess this is the end of this thread, until......... I want to play games with my kids on the two boxes (what am I thinking? )

The linwiz tutorial on nfs was priceless!

Thanks Again
Justbill

P.S. The printer is also sending print jobs to the printer from box2 (added 631:tcp to "other ports").

Great work!! Knew you could do it Now's a good time to take that break from computers