Amanda-Users

Re: Cannot backup firewall

2003-11-20 09:35:19
Subject: Re: Cannot backup firewall
From: Joshua Baker-LePain <jlb17 AT duke DOT edu>
To: Rebecca Pakish Crum <rebecca AT unterlaw DOT com>
Date: Thu, 20 Nov 2003 09:33:55 -0500 (EST)
On Thu, 20 Nov 2003 at 8:26am, Rebecca Pakish Crum wrote

> I'm running amanda 2.4.2p2 on a RH box as my backup server. I installed
> the amanda client on my (sol8) firewall on Friday, and set up a rule for
> the server to get to the firewall for amanda services - amcheck runs
> fine and reports no errors. But when my amdump kicks off at night, my
> report says:
> 
> firewall.unter /export/home/rebecca lev 0 FAILED [could not connect to
> firewall.unterlaw.com]

You have to allow traffic on not just the amanda port, but also high 
numbered TCP ports for the data connections.  On Linux clients, I put in 
the following iptables rules:

# Amanda from chaos
-A INPUT -p udp -s $SERVER_IP_ADDRESS -d 0/0 --dport 10080 -j ACCEPT
-A INPUT -p tcp -m tcp -s $SERVER_IP_ADDRESS -d 0/0 --dport 1025:65535 -j ACCEPT

With just the first rule (allowing UDP traffic to port 10080), the client 
will pass amcheck but fail amdump.  The second rule (allowing TCP 
traffic to all non-privileged ports) actually allows data to flow.

-- 
Joshua Baker-LePain
Department of Biomedical Engineering
Duke University
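
Added example, not part of the original post: a small Python check that models the behaviour described in the reply above (UDP 10080 alone lets amcheck pass, amdump also needs the high TCP ports) against iptables-save-style INPUT rules. The function names, the 192.0.2.10 server address and the default-DROP chain policy are assumptions made for the illustration.

```python
import ipaddress
import shlex

AMANDA_UDP_PORT = 10080            # control port from the first rule
DATA_PORTS = range(1025, 65536)    # TCP range from the second rule


def parse_rule(line):
    """Parse one '-A INPUT ...' line; comments and other lines give None."""
    tok = shlex.split(line, comments=True)
    if tok[:2] != ["-A", "INPUT"]:
        return None
    # Assumption: every option takes exactly one value, as in the rules above.
    opts = dict(zip(tok[2::2], tok[3::2]))
    lo, _, hi = opts.get("--dport", "0:65535").partition(":")
    src = opts.get("-s", "0.0.0.0/0")
    return {
        "proto": opts.get("-p"),
        "src": ipaddress.ip_network("0.0.0.0/0" if src == "0/0" else src, strict=False),
        "dport": (int(lo), int(hi or lo)),
        "target": opts.get("-j"),
    }


def allows(rules, ip, proto, port):
    """First matching rule decides; assumption: chain policy is DROP."""
    for r in rules:
        lo, hi = r["dport"]
        if r["proto"] in (proto, None) and ip in r["src"] and lo <= port <= hi:
            return r["target"] == "ACCEPT"
    return False


def amanda_verdict(ruleset, server_ip):
    """Predict amcheck/amdump reachability as the reply describes it."""
    rules = [r for r in map(parse_rule, ruleset.splitlines()) if r]
    ip = ipaddress.ip_address(server_ip)
    control = allows(rules, ip, "udp", AMANDA_UDP_PORT)
    data = all(allows(rules, ip, "tcp", p) for p in DATA_PORTS)
    return {"amcheck": control, "amdump": control and data}


# Constructed sample: 192.0.2.10 stands in for $SERVER_IP_ADDRESS.
UDP_ONLY = """# Amanda from chaos
-A INPUT -p udp -s 192.0.2.10 -d 0/0 --dport 10080 -j ACCEPT
"""
BOTH = UDP_ONLY + "-A INPUT -p tcp -m tcp -s 192.0.2.10 -d 0/0 --dport 1025:65535 -j ACCEPT\n"

if __name__ == "__main__":
    print("UDP rule only:", amanda_verdict(UDP_ONLY, "192.0.2.10"))
    print("both rules:   ", amanda_verdict(BOTH, "192.0.2.10"))
```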

