NFS (RPC) check fails

I have a system that fails the nfs check (check_rpc!nfs) when iptables is on. I tried adding ports 111 and 5666 to my iptables, but it still fails. When iptables is turned off, the check passes.

Interestingly enough, I have several other systems that pass the nfs check, without iptables entries. There are also no entries in hosts.allow or hosts.deny.

I’m pulling my hair out here, as at this point there are 4 systems that this problem occurs on. I’m sure I’m missing something basic, but for the life of me I don’t know what.

Your help is GREATLY appreciated.

It’s clearly iptables causing the problem if it goes away when you turn it off - when you add the rules do you log against them and see if they get hit? Also, do you log your dropped packets so you can see what exactly has been dropped?

I agree that it’s related to iptables, for the exact reason you state. I do not have logging for dropped packets, but the log files show a pam error for nrpe when iptables is turned on.
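The suggestion in the reply above, to log dropped packets and see exactly what is being dropped, as an added example that is not part of the original thread. It assumes a LOG rule with the hypothetical prefix `IPT-DROP: ` sits just before the final DROP/REJECT rule; the log lines, host names, addresses and function names are constructed for illustration.

```shell
# Assumed setup (not from the thread): a LOG rule placed just before the
# final DROP/REJECT rule of the INPUT chain, for example
#   iptables -A INPUT -j LOG --log-prefix "IPT-DROP: " --log-level 4
# The kernel then writes one line per packet that reaches that rule.

# Constructed sample lines in the kernel's netfilter LOG format.
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 nfs01 kernel: IPT-DROP: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4111 DF PROTO=TCP SPT=51514 DPT=2049 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:15:04 nfs01 kernel: IPT-DROP: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4112 DF PROTO=TCP SPT=51514 DPT=2049 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:15:10 nfs01 kernel: IPT-DROP: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4113 DF PROTO=TCP SPT=51514 DPT=2049 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:15:12 nfs01 kernel: IPT-DROP: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=192.0.2.20 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=937 DPT=2049 LEN=48
Mar  3 10:15:20 nfs01 kernel: IPT-ACCEPT: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4120 DF PROTO=TCP SPT=40022 DPT=5666 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:16:02 nfs01 kernel: IPT-DROP: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=198.51.100.7 DST=192.0.2.20 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=9001 DF PROTO=TCP SPT=44110 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
EOF
}

# Read log lines on stdin and print "COUNT PROTO/DPT SRC" for each distinct
# dropped flow, most frequent first. $1 = log prefix (default "IPT-DROP: ").
# Lines without a DPT field (ICMP, for example) are skipped.
summarize_drops() {
    prefix="${1:-IPT-DROP: }"
    grep -F -- "$prefix" |
    sed -n 's|.* SRC=\([^ ]*\) .* PROTO=\([A-Z]*\) .* DPT=\([0-9]*\) .*|\2/\3 \1|p' |
    LC_ALL=C sort | uniq -c | sed 's/^ *//' |
    LC_ALL=C sort -k1,1nr -k2,2
}

# Run over the constructed sample; on a live host, feed it the kernel log.
sample_log | summarize_drops
```

Any destination port the monitoring host needs that shows up in this summary is one the current ruleset does not allow.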