Amanda-Users

Re: Firewall and Portrange Settings

2004-03-17 14:59:13
Subject: Re: Firewall and Portrange Settings
From: Frank Smith <fsmith AT hoovers DOT com>
To: btrent AT triticom DOT com, amanda-users AT amanda DOT org
Date: Wed, 17 Mar 2004 13:56:18 -0600
--On Wednesday, March 17, 2004 13:12:19 -0600 "Barry A. Trent" <btrent AT triticom DOT com> wrote:

>> Iptables firewalls on a newer kernel have Amanda support built in,
>> otherwise you either need gaping holes in the firewall or need to
>> compile with the portrange options.  I agree that it should be a
>> conf file setting, but it's not.
> 
> How new a kernel are we talking about? Is there specific support for 
> Amanda, or are you just referring to the "stateful packet inspection" 
> features of iptables?

I don't recall when it was added in, perhaps it wasn't until the 2.5
series. 

Device drivers -> Networking support -> Networking options ->
   network packet filtering (replaces ipchains) ->
   IP: netfilter configuration -> Connection tracking ->
   Amanda backup protocol support


CONFIG_IP_NF_AMANDA=y is the actual .config line

I believe it considers replies from the clients as 'related established'
packets, just like it does with FTP data port connections.

All that said, I haven't actually used it, since I had already started
configuring and compiling Amanda with the portrange options, but
supposedly it does work.

Frank

-- 
Frank Smith                                      fsmith AT hoovers DOT com
Sr. Systems Administrator                       Voice: 512-374-4673
Hoover's Online                                   Fax: 512-374-4501
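
Added example, not part of the original message and not the kernel's code: a simplified Python model of the behaviour described above, in which a connection-tracking helper reads the TCP ports a client announces in its UDP reply and treats the follow-up connections as RELATED, the way the FTP helper handles data ports. The class and function names, the addresses, and the constructed reply (ports included) are assumptions for illustration.

```python
import re

AMANDA_UDP_PORT = 10080  # amandad's well-known UDP port
STREAM_RE = re.compile(r"\b(DATA|MESG|INDEX) (\d+)")

# Constructed, simplified client reply; the port numbers are made up.
SAMPLE_REPLY = (
    "Amanda 2.4 REP HANDLE 000-00000000 SEQ 1079553378\n"
    "CONNECT DATA 50010 MESG 50011 INDEX 50012\n"
)

class AmandaHelperModel:
    """Toy stand-in for a firewall's Amanda connection-tracking helper."""
    def __init__(self):
        self.requests = set()  # (server_ip, client_ip) control flows seen
        self.expected = set()  # (server_ip, client_ip, tcp_port) pinholes

    def track_request(self, server_ip, client_ip, dport):
        # Only server -> client traffic to the Amanda port is inspected.
        if dport == AMANDA_UDP_PORT:
            self.requests.add((server_ip, client_ip))

    def observe_reply(self, client_ip, server_ip, payload):
        # A reply that answers no tracked request opens nothing.
        if (server_ip, client_ip) not in self.requests:
            return []
        opened = []
        for line in payload.splitlines():
            if line.startswith("CONNECT "):
                for _name, port in STREAM_RE.findall(line):
                    if 0 < int(port) < 65536:
                        self.expected.add((server_ip, client_ip, int(port)))
                        opened.append(int(port))
        return opened

    def classify_syn(self, src_ip, dst_ip, dport):
        # An expectation matches one connection, then is consumed.
        key = (src_ip, dst_ip, dport)
        if key in self.expected:
            self.expected.remove(key)
            return "RELATED"
        return "NEW"

def demo():
    fw = AmandaHelperModel()
    fw.track_request("10.0.0.1", "10.0.0.2", AMANDA_UDP_PORT)
    ports = fw.observe_reply("10.0.0.2", "10.0.0.1", SAMPLE_REPLY)
    states = [fw.classify_syn("10.0.0.1", "10.0.0.2", p)
              for p in (50010, 50010, 50013)]
    return ports, states
```

In this model only the three announced ports are admitted, each for a single connection from the server, whereas a compiled-in port range has to stay open in the firewall permanently.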