> You are not looking at the complete output of netstat -an.
> You need to look at the traffic over the wire, or in this
> case, the SSH traffic between the two hosts. The rsync
> traffic being sent/recd on the SSH tunnel is NOT the same
> thing (especially if you enable ssh compression).
Sorry, you're right: if looking at port 22 of the remotehost I get:
storebox:~# netstat -na | grep remotehost
tcp 0 0 172.16.16.222:50097 remotehost:22
ESTABLISHED
And with iptables:
Chain INPUT (policy ACCEPT 22M packets, 56G bytes)
pkts bytes target prot opt in out source
destination
0 0 tcp -- * * remotehost
127.0.0.1 tcp spt:22
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 14M packets, 31G bytes)
pkts bytes target prot opt in out source
destination
0 0 tcp -- * * 127.0.0.1
remotehost tcp dpt:22
Therefore I think there's no traffic directly over SSH port 22, instead
everything passes over port 8873, but if I'm wrong just teach me how it
really is working.
> You really do want to look at the ssh tunnel for the traffic count...
Yes, indeed: that's my goal, because as far as I understood it, data is
being transferred *within* the SSH tunnel (rsync is running "inside" the
tunnel). So how do *you* think my rules should be set up?
Thanks,
F.
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, &
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
|