Amanda-Users

Re: Port NNNN not secure (revisited)

2006-07-13 21:47:30
Subject: Re: Port NNNN not secure (revisited)
From: Kevin Till <kevin.till AT zmanda DOT com>
To: Mike Allen <mallen AT familyradio DOT org>
Date: Thu, 13 Jul 2006 17:42:15 -0700
Mike Allen wrote:
After some helpful email from Frank Smith off-list I have decided to try a different approach to
solve my problem:

Here is an excerpt from my tape-server /etc/services file.

amanda          20080/udp  #Dump server control
amandaidx       20082/tcp  #Amanda indexing
amidxtape       20083/tcp  #Amanda tape indexing


Note that I am not using the standard ports for amanda et al.

A tcpdump from the client end of the communication between host 'familyserv' and host 'famrad' went as follows:

<snip>
14:57:55.661773 IP familyserv.familyradio.org.ssh > famrad.familyradio.org.44233: P 1048606257:1048606385(128) ack 4160186819 win 33304 <nop,nop,timestamp 449488411 123825292>
14:57:55.665181 IP famrad.familyradio.org.44233 > familyserv.familyradio.org.ssh: . ack 128 win 33240 <nop,nop,timestamp 123825301 449488402>
14:58:06.382636 IP famrad.familyradio.org.34932 > familyserv.familyradio.org.amanda: UDP, length: 119
14:58:06.423680 IP familyserv.familyradio.org.amanda > famrad.familyradio.org.34932: UDP, length: 50
14:58:06.424676 IP familyserv.familyradio.org.amanda > famrad.familyradio.org.34932: UDP, length: 109
14:58:06.428009 IP famrad.familyradio.org.34932 > familyserv.familyradio.org.amanda: UDP, length: 50

Since both ends are supposedly configured for tcpportrange=512.1023 and udpportrange=50000,50100

Try configure with "--with-tcpportrange=50000,50100 --with-udpportrange=512,1023 ..." and recompile.

Open the corresponding ports in the firewall setup.


The reason udp port 34932 was tried is that Amanda cannot find a reserved udp port that it can use.



--
Thank you!
Kevin Till

Amanda documentation: http://wiki.zmanda.com
Amanda forums:        http://forums.zmanda.com
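
A check for the situation discussed in this thread, as an added example that is not part of the original messages or of Amanda itself: it reads tcpdump text output and lists UDP datagrams sent to the amanda port from a source port outside the configured range. The 512-1023 range is the value suggested in the reply, the service name and port number come from the /etc/services excerpt, and the function name and the last sample line are constructed here.

```python
import re

# One tcpdump text line: "<time> IP <host>.<port> > <host>.<port>: UDP, length: N"
LINE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\S+)\.(?P<sport>[^.\s]+) > "
    r"(?P<dst>\S+)\.(?P<dport>[^.\s:]+): UDP, length:? \d+"
)

# The first four lines are the UDP exchange quoted in the thread; the last line
# is constructed here to show a request that does come from a reserved port.
SAMPLE = """\
14:58:06.382636 IP famrad.familyradio.org.34932 > familyserv.familyradio.org.amanda: UDP, length: 119
14:58:06.423680 IP familyserv.familyradio.org.amanda > famrad.familyradio.org.34932: UDP, length: 50
14:58:06.424676 IP familyserv.familyradio.org.amanda > famrad.familyradio.org.34932: UDP, length: 109
14:58:06.428009 IP famrad.familyradio.org.34932 > familyserv.familyradio.org.amanda: UDP, length: 50
15:02:11.000001 IP famrad.familyradio.org.850 > familyserv.familyradio.org.amanda: UDP, length: 119
"""


def unreserved_amanda_sources(capture, service=("amanda", "20080"),
                              port_range=(512, 1023)):
    """Return (timestamp, source host, source port) for every UDP datagram
    addressed to the amanda service whose source port is outside port_range.

    `service` holds the spellings tcpdump may print for the destination port:
    the /etc/services name, or the number when the capture was taken with -n.
    """
    lo, hi = port_range
    findings = []
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m or m["dport"] not in service:
            continue  # TCP traffic, replies from the service, or unrelated UDP
        sport = m["sport"]
        # A source port printed as a service name cannot be range-checked, so it
        # is reported as well; repeat the capture with -n to get the number.
        in_range = sport.isdigit() and lo <= int(sport) <= hi
        if not in_range:
            findings.append((m["ts"], m["src"], sport))
    return findings


if __name__ == "__main__":
    for ts, host, port in unreserved_amanda_sources(SAMPLE):
        print(f"{ts} {host} sent to amanda from port {port} (outside 512-1023)")
```

Run against a capture taken after the rebuild, an empty result means every request reached the amanda port from inside the configured UDP range.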