Re: Firewall and Portrange Settings
2004-03-17 12:09:02
--On Wednesday, March 17, 2004 10:47:25 -0600 "Barry A. Trent" <btrent AT
triticom DOT com> wrote:
> I'm using amanda to back up about Linux 10 machines, some through a
> firewall. I'm looking at making the "holes" I've got punched in the
> firewall a little smaller and two questions arise:
>
> 1) It seems that the --with-tcpportrange and --with-udpportrange
> options designed to make usage through a firewall easier are strictly
> compile-time options. Wouldn't these be more appropriate as run-time
> options, perhaps in amanda.conf? I'm using pre-packaged builds for
> several different flavors of Linux and I'd rather not have to
> compile/maintain a bunch of different executables if I can avoid it.
Iptables firewalls on a newer kernel has Amanda support built in,
otherwise you either need gaping holes in the firewall or need to
compile with the portrange options. I agree that it should be a
conf file setting, but its not.
> 2) Is there some way to get a pre-compiled version of amanda to tell
> me what portrange settings it was compiled with? I know I can observe
> the sessions on the wire and figure it out that way, but I'm hoping
> there is an easier way.
I would bet that all the packaged versions are using the default
'use almost any port' method documented in docs/PORTS.USAGE.
Frank
>
> Thanks.
>
>
--
Frank Smith fsmith AT hoovers DOT com
Sr. Systems Administrator Voice: 512-374-4673
Hoover's Online Fax: 512-374-4501
|
|
|