Re: Cannot backup firewall
2003-11-20 09:35:19
On Thu, 20 Nov 2003 at 8:26am, Rebecca Pakish Crum wrote
> I'm running amanda 2.4.2p2 on a RH box as my backup server. I installed
> the amanda client on my (sol8) firewall on Friday, and set up a rule for
> the server to get to the firewall for amanda services - amcheck runs
> fine and reports no errors. But when my amdump kicks off at night, my
> report says:
>
> firewall.unter /export/home/rebecca lev 0 FAILED [could not connect to
> firewall.unterlaw.com]
You have to allow traffic on not just the amanda port, but also high
numbered TCP ports for the data connections. On Linux clients, I put in
the following iptables rules:
# Amanda from chaos
-A INPUT -p udp -s $SERVER_IP_ADDRESS -d 0/0 --dport 10080 -j ACCEPT
-A INPUT -p tcp -m tcp -s $SERVER_IP_ADDRESS -d 0/0 --dport 1025:65535 -j ACCEPT
With just the first rule (allowing UDP traffic to port 10080), the client
will pass amcheck but fail amdump. The second rule (allowing TCP
traffic to all non-privileged ports) actually allows data to flow.
--
Joshua Baker-LePain
Department of Biomedical Engineering
Duke University
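
Added example, not part of the original message: a small Python check that evaluates iptables INPUT rules like the two above and reports whether the backup server could reach the client for amcheck (UDP 10080 only) and for amdump (UDP 10080 plus a TCP data connection to a high-numbered port). The server address, the data port and the function names are constructed for illustration, and a default DROP policy is assumed.

```python
import ipaddress
import shlex

SERVER = "192.0.2.10"   # constructed; stands in for $SERVER_IP_ADDRESS
DATA_PORT = 40123       # constructed high-numbered TCP port for a data connection

# Constructed rule sets modelled on the two rules in the message.
UDP_ONLY = "-A INPUT -p udp -s 192.0.2.10 -d 0/0 --dport 10080 -j ACCEPT\n"
BOTH = UDP_ONLY + (
    "-A INPUT -p tcp -m tcp -s 192.0.2.10 -d 0/0 --dport 1025:65535 -j ACCEPT\n"
)

def parse(rules):
    """Return one {option: value} dict per '-A INPUT' line."""
    parsed = []
    for line in rules.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:2] == ["-A", "INPUT"]:
            parsed.append({tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                           if tok[i].startswith("-")})
    return parsed

def port_in(spec, port):
    """Match a --dport value, either 'N' or 'LOW:HIGH'."""
    low, _, high = spec.partition(":")
    return int(low) <= port <= int(high or low)

def allowed(rules, proto, src, dport):
    """First matching rule decides; anything unmatched is assumed dropped.
    The destination (-d) is not evaluated, since the rules use 0/0."""
    for r in parse(rules):
        net = ipaddress.ip_network(r.get("-s", "0.0.0.0/0"), strict=False)
        if r.get("-p", proto) != proto or ipaddress.ip_address(src) not in net:
            continue
        if "--dport" in r and not port_in(r["--dport"], dport):
            continue
        return r.get("-j") == "ACCEPT"
    return False

def amanda_status(rules, server=SERVER, data_port=DATA_PORT):
    """amcheck needs only UDP 10080; amdump also needs the TCP data connection."""
    request = allowed(rules, "udp", server, 10080)
    data = allowed(rules, "tcp", server, data_port)
    return {"amcheck": request, "amdump": request and data}

if __name__ == "__main__":
    for name, rules in (("UDP rule only", UDP_ONLY), ("both rules", BOTH)):
        print(name, amanda_status(rules))
```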