Amanda-Users

Re: udp port restrictions

2009-03-30 09:18:39
Subject: Re: udp port restrictions
From: Jean-Louis Martineau <martineau AT zmanda DOT com>
To: Glenn Gillis <glenn AT elaw DOT org>
Date: Mon, 30 Mar 2009 08:28:49 -0400
With bsd auth, the client chooses the ports; they are in the range set by --with-tcpportrange, which defaults to 1025-65536. You can set 'unreserved-tcp-port' in amanda-client.conf to change it.

You can also switch to the bsdtcp auth, which requires fewer ports and is easier to configure.

Jean-Louis

Glenn Gillis wrote:
Brian Cuttler wrote, On 3/24/2009 7:42 AM:
Jean-Louis,

On Tue, Mar 24, 2009 at 10:37:22AM -0400, Jean-Louis Martineau wrote:
Hi,

The server uses tcp ports between 10084 and 10100 to connect to client trel.wadsworth.org on port 56446.
It looks good.

Do you have a firewall on the server or client? Disable them while you test amanda.
Can you post server and client debug files?

We've opened the ports that we expected to use on the client,
the server is not running a FW.

I'd thought that the amanda TCP ports were well known and
had assumed it was the dump on the client that was choosing
a udp port that the server was not listening to because of
--with-udpportrange=932,948.

We will disable FW on the MAC for further testing, but I
know that there is a preference to keep it running. Are
the ports predictable so that we can at least somewhat
restrict the range?

I believe the ports *are* predictable to an extent, Jean-Louis. I've successfully configured a FreeBSD Amanda server to back up another FreeBSD server running a firewall in the past.

I used:

<http://wiki.zmanda.com/index.php/Configuration_with_iptables#IP_Traffic>

and

<http://wiki.zmanda.com/index.php/TCP/UDP_ports>

for guidance.
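
An added example, not part of the original messages or of Amanda itself: a shell helper that reads 'unreserved-tcp-port' from amanda-client.conf and prints the matching client-side iptables rules for review, so the firewall can stay on with a narrow range. The function names, the server address 192.0.2.10 and the range 50000,50100 are constructed; UDP 10080 is the registered amanda service port that bsd auth requests arrive on.

```shell
#!/bin/sh
# Print (do not apply) client-side iptables rules for Amanda with bsd auth.

# Read the inclusive "low,high" value of unreserved-tcp-port from the given
# amanda-client.conf and print it as "low:high" (iptables range syntax).
# Fails if the setting is missing, malformed or outside 1024-65535.
amanda_tcp_range() {
    range=$(sed -n 's/^[[:space:]]*unreserved-tcp-port[[:space:]]\{1,\}\([0-9]\{1,\}\)[[:space:]]*,[[:space:]]*\([0-9]\{1,\}\).*$/\1:\2/p' "$1" | tail -n 1)
    [ -n "$range" ] || return 1
    low=${range%:*}; high=${range#*:}
    # Only unprivileged, valid TCP ports, and low must not exceed high.
    [ "$low" -ge 1024 ] && [ "$high" -le 65535 ] && [ "$low" -le "$high" ] || return 1
    echo "$range"
}

# Usage: amanda_client_rules SERVER_IP CONF_FILE
# Emits one rule for the UDP request port and one for the TCP data ports the
# client listens on, both limited to traffic from the backup server.
amanda_client_rules() {
    server=$1
    range=$(amanda_tcp_range "$2") || {
        echo "no valid unreserved-tcp-port in $2" >&2
        return 1
    }
    echo "iptables -A INPUT -p udp -s $server --dport 10080 -j ACCEPT"
    echo "iptables -A INPUT -p tcp -s $server --dport $range -j ACCEPT"
}

# Constructed sample: a minimal amanda-client.conf and an example server address.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# amanda-client.conf (constructed sample)
unreserved-tcp-port 50000,50100
EOF
amanda_client_rules 192.0.2.10 "$sample"
rm -f "$sample"
```

Review the printed rules before applying them, and keep the range wide enough for the number of dumps that run in parallel from that client.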

