On Fri, Mar 03, 2006 at 01:04:11PM +0100, Jorge Izquierdo (UAM) enlightened us:
> We are using amanda software to backup our servers and workstations
> onour department and we have a problem with the iptables configurations
> ofsome of the amanda clients.
> 
> The problem is with the stations with Linux with kernel version
> 2.6. Using the same configuration as in Linux with kernel 2.4 for the
> iptables software the ones with kernel 2.6 reports an error when trying
> to make the backup because the server cannot connect to TCP ports
> suggested by the client. Those ports are not opened by default on the
> iptables configuration, the ip_conntrack_amanda module loaded from the
> /etc/sysconfig/iptables-config file, should open those ports (ramdomly
> chosed by the client) related to the first connection.
> 
> So it seems that the ip_conntrack_amanda module on kernel 2.6 does not
> work properly. Any ideas? Any bug? One posible solution could be to open
> the range of ports from which client randomly select the port to dump
> the backup to server. Does anybody knows what this range is in the
> amanda-client RPM package or how to discover it?
> 
> Thanks in advance if anybody may help me. 
> 

What version of 2.6? There was an off-by-one type of error in Fedora Core
2's kernels at one point around 2.6.5, I think. ip_conntrack_amanda works
just fine on my CentOS (RHEL) 4 machines, which is 2.6.9. All I do on
clients is allow udp 10080 through and load ip_conntrack_amanda.

Matt

-- 
Matt Hyclak
Department of Mathematics 
Department of Social Work
Ohio University
(740) 593-1263