Amanda-Users

Re: server will not backup itself ?!?!

2003-07-01 22:42:55
Subject: Re: server will not backup itself ?!?!
From: "Michael D. Schleif" <mds AT helices DOT org>
To: amanda mailing list <amanda-users AT amanda DOT org>
Date: Tue, 1 Jul 2003 21:41:13 -0500
Also sprach Joshua Baker-LePain (Tue 01 Jul 02003 at 10:29:38PM -0400):
> On Tue, 1 Jul 2003 at 6:36pm, Michael D. Schleif wrote
> 
> > # grep amanda /etc/inetd.conf
> > amanda dgram udp wait backup /usr/sbin/tcpd /usr/lib/amanda/amandad
> > amandaidx stream tcp nowait backup /usr/sbin/tcpd /usr/lib/amanda/amindexd
> > amidxtape stream tcp nowait backup /usr/sbin/tcpd /usr/lib/amanda/amidxtaped
> 
> What's in /etc/hosts.{allow,deny}?  You've TCP wrapped amandad; are you 
> letting localhost connect?

# cat /etc/hosts.{allow,deny}
# /etc/hosts.allow: list of hosts that are allowed to access the system.
#                   See the manual pages hosts_access(5), hosts_options(5)
#                   and /usr/doc/netbase/portmapper.txt.gz
#
# Example:    ALL: LOCAL @some_netgroup
#             ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper. See portmap(8)
# and /usr/doc/netbase/portmapper.txt.gz for further information.
#
ALL: LOCAL
statd: .private.network

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5), hosts_options(5)
#                  and /usr/doc/netbase/portmapper.txt.gz
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper. See portmap(8)
# and /usr/doc/netbase/portmapper.txt.gz for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
ALL: PARANOID


> Also, is ip{chains,tables} in the way?

# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source destination         


Bragi is inside a private network, which is firewalled to the Internet;
but, as you can see, no firewalling is done inside this network.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--

Attachment: pgp1zcCCtrCAH.pgp
Description: PGP signature
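
The following is an added example, not part of the original message or of Amanda. It applies the hosts_access(5) evaluation order (hosts.allow first, then hosts.deny, otherwise grant) to the two files posted above. The host name bragi.private.network is constructed for illustration, and only the pattern types that appear in those files are handled.

```python
# Added example: simplified hosts_access(5) evaluation, not libwrap itself.
# Supports only what the posted files use: daemon lists and the client
# patterns ALL, LOCAL, PARANOID, ".domain" suffixes and exact names.
# EXCEPT, netmasks, options and IPv6 addresses are out of scope.
import re

HOSTS_ALLOW = """\
ALL: LOCAL
statd: .private.network
"""
HOSTS_DENY = """\
ALL: PARANOID
"""

def parse_rules(text):
    """Return a list of (daemons, clients) token lists, skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((re.split(r"[\s,]+", daemons.strip()),
                      re.split(r"[\s,]+", clients.strip())))
    return rules

def client_matches(pattern, name, verified):
    """name: reverse-resolved client name or None; verified: name maps back to the address."""
    if pattern == "ALL":
        return True
    if pattern == "PARANOID":
        return name is not None and not verified
    if name is None or not verified:
        return False  # unknown or mismatched names match no name pattern
    if pattern == "LOCAL":
        return "." not in name
    if pattern.startswith("."):
        return name.lower().endswith(pattern.lower())
    return name.lower() == pattern.lower()

def decide(daemon, name, verified=True, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow first, then hosts.deny, otherwise access is granted."""
    for verdict, text in (("allow", allow), ("deny", deny)):
        for daemons, clients in parse_rules(text):
            if not ({"ALL", daemon} & set(daemons)):
                continue
            for pat in clients:
                if client_matches(pat, name, verified):
                    return verdict, f"{'/'.join(daemons)}: {pat}"
    return "allow", "no rule matched"
```

On the host itself, tcpdmatch(8) from the tcp_wrappers package performs the same check against the live files.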
