Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: amanda/iptables problem

2002-09-18 10:49:41
Subject: Re: amanda/iptables problem
From: John Dalbec <jpdalbec AT cc.ysu DOT edu>
To: Galen Johnson <gjohnson AT trantor DOT org>
Date: Wed, 18 Sep 2002 10:34:11 -0400 


Galen Johnson wrote:

John Dalbec wrote:
I sometimes get sendsize packets being dropped by iptables, presumably because the iptables connection tracking decided the UDP connection was closed. This causes the estimates to take much longer because the first sendsize process gives up. Has anyone found a solution to this? 
Thanks,
John Dalbec
I am currently running amanda through an iptables based firewall with no issues. I'm using Slack 8.1. Are you able to log the drops? 
I'm using Red Hat 7.1, kernel 2.4.9-34 w/ReiserFS quota patches.

These dumps were to tape DailySet104.
The next tape Amanda expects to use is: DailySet105.


STATISTICS:
                          Total       Full      Daily
                        --------   --------   --------
Estimate Time (hrs:min)    1:00
                           ^^^^
Run Time (hrs:min)         1:23
Dump Time (hrs:min)        0:20       0:06       0:15
Output Size (meg)        4865.8     1339.5     3526.2
Original Size (meg)      4865.8     1339.5     3526.2
Avg Compressed Size (%)     --         --         --    (level:#disks ...)
Filesystems Dumped           23          3         20   (1:19 3:1)
Avg Dump Rate (k/s)      4098.2     4008.7     4133.3
Sep 12 00:45:32 mail03 kernel: INT_IN DROP 5 IN=eth0 OUT= MAC=00:02:55:58:9d:fa:00:02:55:7c:ff:52:08:00 SRC=150.134.10.202 DST=150.134.10.203 LEN=304 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=10080 DPT=604 LEN=284 Sep 12 00:45:34 mail03 kernel: INT_IN DROP 5 IN=eth0 OUT= MAC=00:02:55:58:9d:fa:00:02:55:7c:fd:01:08:00 SRC=150.134.10.201 DST=150.134.10.203 LEN=265 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=10080 DPT=604 LEN=245 Sep 12 00:45:42 mail03 kernel: INT_IN DROP 5 IN=eth0 OUT= MAC=00:02:55:58:9d:fa:00:02:55:7c:ff:52:08:00 SRC=150.134.10.202 DST=150.134.10.203 LEN=304 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=10080 DPT=604 LEN=284 Sep 12 00:45:44 mail03 kernel: INT_IN DROP 5 IN=eth0 OUT= MAC=00:02:55:58:9d:fa:00:02:55:7c:fd:01:08:00 SRC=150.134.10.201 DST=150.134.10.203 LEN=265 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=10080 DPT=604 LEN=245 Sep 12 00:45:52 mail03 kernel: INT_IN DROP 5 IN=eth0 OUT= MAC=00:02:55:58:9d:fa:00:02:55:7c:ff:52:08:00 SRC=150.134.10.202 DST=150.134.10.203 LEN=304 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=10080 DPT=604 LEN=284 
... there are more, but you get the idea.
The connection tracking should be handling this. If I have to hack my firewall to let these packets through I might as well be using ipchains. 
Thanks,
John Dalbec
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: readline & termcap libraries?., John P. Looney
Next by Date:  Re: Help please, Neil
Previous by Thread:  Re: amanda/iptables problem, Galen Johnson
Next by Thread:  Help with HP Ultrium 1/20 tapedev, Eiseg Feuer
Indexes:  [Date] [Thread] [Top] [All Lists]