Amanda-Users

Amanda/firewall --with-portrange

2005-09-29 13:22:36
Subject: Amanda/firewall --with-portrange
From: "Brenckle, Nicholas" <NBrenckle AT dsl DOT net>
To: "'amanda-users AT amanda DOT org'" <amanda-users AT amanda DOT org>
Date: Thu, 29 Sep 2005 13:07:15 -0400

 

I am having a weird problem with the portrange specification. My situation is reversed from most configurations in the FAQ as my host is behind the fw, while the backup server sits in front of it. There is no NAT going on.

 

Amanda was compiled from the source RPM; I added the following to the SPEC file:

        --with-portrange=850,854 \
        --with-tcpportrange=850,854 \
        --with-udpportrange=850,854

 

I put the server and client RPMS on my backup/tape server, and the client RPM on the client.  Both are running Fedora Core 1 if that matters.

 

Amcheck will work, and I can see the traffic (using tcpdump) running mostly on port 850, sometimes on port 851.

 

The problem is when I run amdump, I get a few things going back/forth on the 850-854 range, and then the server tries to connect to the client on some high number port, in this test, 48111. That isn't going to work. :) Why does it do this? Only ports 850-854 are allowed, that's why I specified them in the compile. Suggestions? Tcpdump output from the server shown below. If I open all ports up at the firewall the software works, so I don't think it's a network/server problem, it has to be related to the allowed ports of the firewall.

 

Thanks,

 

Nick

 

 

12:39:02.178374 backup01.mynetwork.net.851 > client-station.mynetwork.net.amanda: udp 117 (DF)
12:39:02.190269 client-station.mynetwork.net.amanda > backup01.mynetwork.net.851: udp 50 (DF)
12:39:02.211152 client-station.mynetwork.net.amanda > backup01.mynetwork.net.851: udp 83 (DF)
12:39:02.211381 backup01.mynetwork.net.851 > client-station.mynetwork.net.amanda: udp 50 (DF)
12:39:02.221191 backup01.mynetwork.net.851 > client-station.mynetwork.net.amanda: udp 309 (DF)
12:39:02.235417 client-station.mynetwork.net.amanda > backup01.mynetwork.net.851: udp 50 (DF)
12:39:04.508871 client-station.mynetwork.net.amanda > backup01.mynetwork.net.851: udp 118 (DF)
12:39:04.509057 backup01.mynetwork.net.851 > client-station.mynetwork.net.amanda: udp 50 (DF)
12:39:04.527624 backup01.mynetwork.net.854 > client-station.mynetwork.net.amanda: udp 223 (DF)
12:39:04.540252 client-station.mynetwork.net.amanda > backup01.mynetwork.net.854: udp 50 (DF)
12:39:04.571890 client-station.mynetwork.net.amanda > backup01.mynetwork.net.854: udp 125 (DF)
12:39:04.571983 backup01.mynetwork.net.854 > client-station.mynetwork.net.amanda: udp 50 (DF)
12:39:04.580725 backup01.mynetwork.net.40590 > client-station.mynetwork.net.48111: S 3871447985:3871447985(0) win 5840 <mss 1460,sackOK,timestamp 188668545 0,nop,wscale 0> (DF)
12:39:07.574415 backup01.mynetwork.net.40590 > client-station.mynetwork.net.48111: S 3871447985:3871447985(0) win 5840 <mss 1460,sackOK,timestamp 188668845 0,nop,wscale 0> (DF)
12:39:13.574422 backup01.mynetwork.net.40590 > client-station.mynetwork.net.48111: S 3871447985:3871447985(0) win 5840 <mss 1460,sackOK,timestamp 188669445 0,nop,wscale 0> (DF)
12:39:25.574414 backup01.mynetwork.net.40590 > client-station.mynetwork.net.48111: S 3871447985:3871447985(0) win 5840 <mss 1460,sackOK,timestamp 188670645 0,nop,wscale 0> (DF)
12:39:49.574418 backup01.mynetwork.net.40590 > client-station.mynetwork.net.48111: S 3871447985:3871447985(0) win 5840 <mss 1460,sackOK,timestamp 188673045 0,nop,wscale 0> (DF)
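
Added example, not part of the original message and not Amanda code: a short Python check that reads old-style tcpdump text like the capture above and lists every flow that uses a port outside the compiled-in 850-854 range, counting retransmitted packets. The names `out_of_range`, `port_ok`, `ALLOWED` and `NAMED_OK` are hypothetical, and treating the named `amanda` service port as permitted is an assumption.

```python
import re
from collections import Counter

ALLOWED = range(850, 855)  # 850-854, from the --with-*portrange flags in the post
NAMED_OK = {"amanda"}      # assumption: the named Amanda service port is permitted

# Constructed sample: four lines copied from the capture in the post.
SAMPLE = """\
12:39:02.178374 backup01.mynetwork.net.851 > client-station.mynetwork.net.amanda: udp 117 (DF)
12:39:04.540252 client-station.mynetwork.net.amanda > backup01.mynetwork.net.854: udp 50 (DF)
12:39:04.580725 backup01.mynetwork.net.40590 > client-station.mynetwork.net.48111: S 3871447985:3871447985(0) win 5840 <mss 1460,sackOK,timestamp 188668545 0,nop,wscale 0> (DF)
12:39:07.574415 backup01.mynetwork.net.40590 > client-station.mynetwork.net.48111: S 3871447985:3871447985(0) win 5840 <mss 1460,sackOK,timestamp 188668845 0,nop,wscale 0> (DF)
"""

# Old-style tcpdump line: time src.port > dst.port: <"udp" or TCP flags> ...
LINE = re.compile(r"^\S+ (\S+)\.([\w-]+) > (\S+)\.([\w-]+): (\S+)")


def port_ok(port):
    """True if the port is the named Amanda service or lies inside ALLOWED."""
    return port in NAMED_OK or (port.isdigit() and int(port) in ALLOWED)


def out_of_range(capture):
    """Return (proto, src, sport, dst, dport, packets) per flow using a port outside ALLOWED."""
    flows = Counter()
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not a packet line in the expected format
        src, sport, dst, dport, kind = m.groups()
        if port_ok(sport) and port_ok(dport):
            continue
        proto = "udp" if kind == "udp" else "tcp"
        flows[(proto, src, sport, dst, dport)] += 1  # retransmits share one flow
    return [key + (count,) for key, count in flows.items()]


if __name__ == "__main__":
    for proto, src, sport, dst, dport, count in out_of_range(SAMPLE):
        print(f"{proto} {src}:{sport} -> {dst}:{dport} outside 850-854 ({count} packets)")
```

Run against a full capture, the packet count separates a single stray packet from a connection attempt that the firewall keeps dropping.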
