BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] BackupPC over a Firewall (IPtables)

2009-01-28 13:28:52
Subject: Re: [BackupPC-users] BackupPC over a Firewall (IPtables)
From: Rob Owens <rowens AT ptd DOT net>
To: "General list for user discussion, questions and support" <backuppc-users AT lists.sourceforge DOT net>
Date: Wed, 28 Jan 2009 13:25:11 -0500 
On Wed, Jan 28, 2009 at 07:07:26PM +0100, Sam Przyswa wrote:
> 
> 
> Rob Owens a écrit :
> > You could use either a VPN or ssh port forwarding.  For ssh port 
> > forwarding, it would go something like this:
> >
> > ssh -L 2222:remotemachine:22 username@servername
> >
> > Then you can do:
> >
> > ssh -p 2222 someuser@localhost
> >
> > "servername" is a machine behing the firewall that can receive ssh requests 
> > from the internet.  "remotemachine" is a machine on the same network as 
> > "servername", which you want to ssh into (for the purpose of running a 
> > backup).  The port forwarding makes your local port 2222 pretend to be port 
> > 22 on "remotemachine". 
> >
> > This works for one remote host.  You would need to repeat the process for 
> > each remote host.  You could specify a different port (2223, perhaps), or 
> > you could re-use port 2222 as long as you end the previous session before 
> > starting a new one.
> >   
> 
> Ok but with 200 machines, manage 200 port forwards it's not very useful, 
> and what about Windows machines and SMB shares ?
> 
> > This will all have to be worked into a DumpPreUserCmd.
> >   
> 
> What is DumpPreUserCmd ?
> 
For simplicity, I'd try to back up all machines using the same method.  Perhaps 
rsyncd would be best.  Then you could use the $host variable in the 
DumpPreUserCmd.  DumpPreUserCmd runs a command before performing the backup.  
You would run your port forwarding command like this:

ssh -L 2222:$host:873 username@servername sleep 10

Note that port 873 is for rsyncd, and I have added "sleep 10" because this will 
automatically end the port forward after 10 seconds of inactivity. 

If all your hosts are behind the same firewall, then this is easy to do.  Just 
put the above command in the main configuration (not host-specific 
configuration).  With this setup, you can only back up one host at a time.

You should experiment before putting this into production, because this is all 
off the top of my head and I haven't double-checked it.

-Rob

------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] BackupPC over a Firewall (IPtables), Sam Przyswa
Next by Date:  [BackupPC-users] Timing backups, Timothy Murphy
Previous by Thread:  Re: [BackupPC-users] BackupPC over a Firewall (IPtables), Sam Przyswa
Next by Thread:  Re: [BackupPC-users] BackupPC over a Firewall (IPtables), Les Mikesell
Indexes:  [Date] [Thread] [Top] [All Lists]