Re: Firewall, amanda client and ports
2007-07-19 07:58:32
Marc Muehlfeld wrote:
Morning,
Jean-Louis Martineau schrieb:
Yes you only need to allow connection to port 10080.
This isn't added to the wiki right now, isn't it? At least I didn't
saw it there.
Just some more questions about that:
* destination-port is 10080 udp, thats clear. But from with source
ports is the server connecting? (>1024 ?)
With bsdtcp auth, destination-port is 10080 TCP, source ports < 1024
See docs/howto-auth.txt in the distribution
and http://wiki.zmanda.com/index.php/Server/Client_authentication
* The data connection is still handled over tcp, I think. Will this be
handled over the iptables_conntrack module? Or do I need
ip_conntrack_amanda/ip_nat_amanda for that?
No others port needed with bsdtcp auth. No firewall rules needed.
* Could this be done only with 2.5.2p1 (and later) server and clients?
Or can I have older clients too?
Require 2.5.1 or above for client and server.
Older client or server can only use bsd auth, with destination-port
10080 UDP, firewall rules are needed to allow the tcp connection.
Jean-Louis
|
|
|