Amanda-Users

Re: Firewall, amanda client and ports - wishlist?

2007-07-18 10:13:19
Subject: Re: Firewall, amanda client and ports - wishlist?
From: Jon LaBadie <jon AT jgcomp DOT com>
To: Jon LaBadie <amanda-users AT amanda DOT org>
Date: Wed, 18 Jul 2007 09:42:58 -0400

On Wed, Jul 18, 2007 at 03:16:24PM +0200, Marc Muehlfeld wrote:
> Hi,
> 
> Charles Stroom wrote:
> > amcheck reports no problem.
> 
> amcheck doesn't use the full source/destination portrange like amdump.
> 
> 
> 
> > On the client, I have opened TCP/UDP port 10080, and TCP
> > ports 10082 and 10083, because I seem to have seen something like that
> > when googling.
> 
> You need only 10080 on the client. 10082 (amandaidx) and 10083 (amidxtape) 
> you have on your index-/tapeserver.
> 
> 
> But also the server connects to different ports. You can limit this for a 
> better and more tight firewall-configuration when you set --with-portrange 
> and --with-udpportrange at configure. I used
> 
> ./configure .....  --with-portrange=50000,50150 --with-udpportrange=850,900
> 

With the increasing use of pre-built amanda binaries and
the ever increasing concern for security, isn't it about
time to make port usage a run time parameter?  Probably
a dumptype parameter so that it could be varied with
the host?

jl
-- 
Jon H. LaBadie                  jon AT jgcomp DOT com
 JG Computing
 4455 Province Line Road        (609) 252-0159
 Princeton, NJ  08540-4322      (609) 683-7220 (fax)
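
The port ranges quoted in this thread, turned into client-side firewall rules, as an added example that is not part of the original messages or of Amanda itself. It assumes iptables on the client, that data connections arrive from the server on the TCP range, and a placeholder server address (192.0.2.10); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: derive client-side iptables rules from Amanda's build-time
# port ranges. Rules are only printed for review; nothing is applied.

# Convert a configure-style "low,high" range to iptables "low:high",
# rejecting malformed, out-of-range or reversed values.
range_to_ipt() {
    case "$1" in
        *[!0-9,]*|*,*,*|,*|*,|"") return 1 ;;
        *,*) ;;
        *) return 1 ;;
    esac
    lo=${1%,*}; hi=${1#*,}
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ] || return 1
    printf '%s:%s\n' "$lo" "$hi"
}

# amanda_client_rules SERVER_IP TCP_RANGE UDP_RANGE
amanda_client_rules() {
    server=$1
    tcp=$(range_to_ipt "$2") || { echo "bad TCP range: $2" >&2; return 1; }
    udp=$(range_to_ipt "$3") || { echo "bad UDP range: $3" >&2; return 1; }
    # Control request: backup server -> client UDP 10080, with the source
    # port pinned to the range given to --with-udpportrange.
    echo "iptables -A INPUT -p udp -s $server --sport $udp --dport 10080 -j ACCEPT"
    # Data streams: assumed to be server -> client TCP connections into the
    # range given to --with-portrange.
    echo "iptables -A INPUT -p tcp -s $server --dport $tcp -m conntrack --ctstate NEW -j ACCEPT"
    # Return traffic for flows that were already accepted.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Every other host is refused on the Amanda ports.
    echo "iptables -A INPUT -p udp --dport 10080 -j DROP"
    echo "iptables -A INPUT -p tcp --dport $tcp -j DROP"
}

# Ranges from the thread; the server address is a constructed placeholder.
amanda_client_rules 192.0.2.10 50000,50150 850,900
```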