Greetings Amanda and iptables Gurus,
I am trying to use iptables optimally for amanda on both the backup server and the backup clients. It's working OK already, but I'm trying to have better control over which ports are being opened up.

The way I understand things, largely from reading postings on the web, this is what happens when we run amdump. Feel free to correct me ;)
1) The backup server sends a UDP backup request to port 10080 on the backup client.

2) The backup client forks an amandad process that then tries to open a fairly random privileged UDP port on the backup server. QUESTION: What does the COMPLETE iptables command look like that restricts those ports to a certain range, such as 850 through 854? Maybe using something like --with-udpportrange to "recommend" ports? I have enough RAM to allow connection tracking.

3) For each dumper process the backup server opens a couple of TCP sockets (for data, messages, and indexing) on the backup client. QUESTION: What would a complete iptables command look like? Using connection tracking is fine with me.

4) Data is exchanged. I have enough RAM to allow connection tracking.
Thanks a lot,
Ulf
SuSE 8.0
amanda version 2.4.2p2 (using SuSE rpm)
linux kernel 2.4.18-4
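
The four steps above, written as a rule generator: this is an added example, not part of the original post and not Amanda's own tooling. It follows the flow as the post describes it, prints the rules for review instead of applying them, and assumes Amanda has been built to keep its UDP ports in 850:854 and its TCP ports in 50000:50040; the addresses and the TCP range are constructed sample values.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for the flow in the post.
# Function names, addresses and the TCP range are constructed for illustration.

valid_range() {  # succeeds only for LOW:HIGH with 1 <= LOW <= HIGH <= 65535
    lo=${1%%:*}; hi=${1##*:}
    for p in "$lo" "$hi"; do
        case "$p" in ''|*[!0-9]*) return 1 ;; esac
    done
    [ "$1" = "$lo:$hi" ] && [ "$lo" -ge 1 ] && [ "$lo" -le "$hi" ] && [ "$hi" -le 65535 ]
}

# usage: amanda_rules server|client SERVER_IP CLIENT_IP UDP_RANGE TCP_RANGE
amanda_rules() {
    role=$1 srv=$2 cli=$3 udp=$4 tcp=$5
    valid_range "$udp" && valid_range "$tcp" || { echo "bad port range" >&2; return 1; }
    # Step 2 of the post speaks of privileged UDP ports, so refuse anything >= 1024.
    [ "${udp##*:}" -lt 1024 ] || { echo "UDP range must be privileged" >&2; return 1; }
    est='-m state --state ESTABLISHED,RELATED -j ACCEPT'
    case "$role" in
    client)
        # Packets belonging to connections that were already accepted.
        echo "iptables -A INPUT $est"
        # Step 1: UDP request from the backup server to amandad.
        echo "iptables -A INPUT -p udp -s $srv --dport 10080 -j ACCEPT"
        # Step 3: TCP data, message and index connections opened by the server.
        echo "iptables -A INPUT -p tcp -s $srv --dport $tcp -m state --state NEW -j ACCEPT"
        ;;
    server)
        echo "iptables -A INPUT $est"
        # Step 2: amandad's UDP packets to the restricted range. The rule is
        # explicit because UDP conntrack entries expire after a short idle time.
        echo "iptables -A INPUT -p udp -s $cli --dport $udp -j ACCEPT"
        ;;
    *)
        echo "role must be server or client" >&2; return 1 ;;
    esac
}

# Sample run with documentation addresses (RFC 5737).
amanda_rules client 192.0.2.10 192.0.2.20 850:854 50000:50040
amanda_rules server 192.0.2.10 192.0.2.20 850:854 50000:50040
```

The printed rules only append ACCEPT entries; they restrict anything only when the INPUT chain's policy or a final rule drops everything else.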