Amanda and the firewall
Matthew Saltzman
mjs at ces.clemson.edu
Tue Jan 18 17:17:51 UTC 2005
On Tue, 18 Jan 2005, Neil Marjoram wrote:
> I am having a little hair pulling trouble setting up the firewall for Amanda
> backups.
>
> I am attempting to use my Amanda server to backup a client which has the
> firewall installed, so far without much luck.
>
> If anyone has got this to work or can advise me on what rules are needed I
> would be truly grateful.
>
> I know so far that amanda will send a backup request on port 10080, this rule
> I've got.
>
> Then the client will send back on a random udp port, this should be ok as I
> don't block any outbound traffic.
>
> But now amanda returns to the client with three random tcp port connections,
> this is where I fail I think - someone suggested using connection tracking,
> but I don't really know enough about this.
In /etc/sysconfig/iptables-confg, add ip_conntrack_amanda to
the IPTABLES_MODULES string.
Note that some 2.6.9 kernels had broken ip_conntrack_amanda modules.
amcheck would work with such cleints, but actual backups would hang
forever. Recent kernels should be better.
There are other amanda-related services at 10081:tcp, 10081:udp, 10082:tcp
and 10083:tcp. I don't know if these are required for a functioning
simple setup.
>
> Thanks,
>
> Neil.
>
>
>
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
More information about the fedora-list
mailing list