Paul Vander Griend wrote:
Hi,
We are trying to get Amanda to work over a firewall but are
having a lot of trouble. Could anyone tell me what amanda
requires to successfuly backup over a firewall? Right now I
allow machines on the firewalled network to talk to the amanda
server on port 10080. What other traffic is required?
Have you read this:
http://www.amanda.org/docs/portusage.html
Also, if the firewall is a recent ipfilter implementation,
you can load the ip_conntrack_amanda filter module (and, if needed,
ip_nat_amanda), in which case only opening the 10080 port is sufficient
for a client. Note some older versions of these modules had
bugs.
I'm not sure if those ipfilter modules are sufficient for a restore
with amrecover, which uses port 10082, and 10083 from client to server.
Also note the long timeout you may need to set for the udp reply
packet in the connection tracking (e.g. FW-1 defaults to 40 seconds
for UDP replies, but amanda needs a value equal to "etimeout"
in the amanda.conf.)
--
Paul Bijnens, Xplanation Tel +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM Fax +32 16 397.512
http://www.xplanation.com/ email: Paul.Bijnens AT xplanation DOT com
***********************************************************************
* I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, ^^, *
* F6, quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, *
* init 0, kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... *
* ... "Are you sure?" ... YES ... Phew ... I'm out *
***********************************************************************
|