This is goofy but I can't seem to get NFS to work between two OpenBSD machines on a LAN. This is the configuration:
Code:
Wireless ISP                                     Wireless ISP
     ^                                                 ^
   (ral0)-minerva-(re0) ---> LAN <-- (re0)-galileo7-(rtwn0)
minerva runs dhcpd, unbound, and NATs Internet traffic from the LAN. galileo7 currently has rtwn0 disabled. Other than galileo7's wireless problems (probably due to hardware-specific firmware/driver issues), the network seems to be working as I expect it to. This is the NFS situation:
minerva:
/etc/exports
Code:
/home/hanzer/nfs -alldirs -rw -mapall=hanzer:hanzer -network=192.168.0 -mask=255.255.255.0
And from either machine,
$ rpcinfo -p minerva
returns:
Code:
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100005 1 udp 789 mountd
100005 3 udp 789 mountd
100005 1 tcp 656 mountd
100005 3 tcp 656 mountd
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
But,
hanzer@galileo7:$ doas mount_nfs minerva:/home/hanzer/nfs /home/hanzer/minerva
returns:
Code:
mount_nfs: can't access /home/hanzer/nfs: Permission denied
Maybe some firewall blockage? (I'm a PF lightweight and halfwit)
minerva:
/etc/pf.conf
Code:
int_if="{ re0 }"
table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
                   172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 \
                   192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \
                   203.0.113.0/24 }
set block-policy drop
set loginterface egress
set skip on lo0
match in all scrub (no-df random-id max-mss 1440)
match out on egress inet from !(egress:network) to any nat-to (egress:0)
block in quick on egress from <martians> to any
block all
pass out quick inet
pass in on $int_if inet
galileo7:
/etc/pf.conf
Code:
set skip on lo
int_if="{ re0 }"
set block-policy drop
match in all scrub (no-df random-id max-mss 1440)
block all
pass out quick inet
pass in on $int_if inet
Any ideas or suggested experiments?