Re: Port NNN not secure
2005-09-21 10:23:44
Thanks, Matt. That makes perfect sense. I figured something must have
changed since the older version I was using before.
-adam
Matt Hyclak thought no one was listening and belted out:
On Tue, Sep 20, 2005 at 03:03:02PM -0600, Adam Bayless enlightened us:
I'm getting:
ERROR: client: [host server.domain.com: port 10022 not secure]
when running amcheck . The FAQ says make sure that amcheck is suid root,
which it is:
-r-sr-x--- 1 root operator 34840 Sep 20 19:50 /usr/local/sbin/amcheck
The FAQ also mentions NAT possibly causing issues with ports such as
this but I am not in a NAT scenario.
I'm using a default build of amanda-2.4.5 (from the FreeBSD ports
collection). The only customization is that I used
'--with-udpportrange=10000,10100' '--with-portrange=10000,10100' because
I have one host behind a firewall. The server is outside as are the
other clients. I had this all working under an earlier build of amanda
(2.4.1-ish) but when I updgraded to 2.4.5 things borked on me. Have
there been any config changes since then that I should be aware of?
Anyone have any pointers?
Yes, reread the portusage.txt document. The section on UDP ports specifies
that you should have at least "inparallel" many ports all less than 1023.
Any process can open a port > 1023, so amanda doesn't trust those packets.
Matt
|
|
|