Gabriel - IP Guys wrote:
> 
> 
> Dear All,
> 
>  
> 
> I need some fresh eyes on this at the moment. I made this entry in the
> firewall scripts of my Linux servers which will be running some
> component of Bacula
> 
>  
> 
> iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 9101:9103
> -j ACCEPT
> 
>  
> 
> I will add the source directive when I'm looking it all down, will this
> line in the firewall of all clients will allow bacula to work correctly?
> For some reason, I am having issues getting this to work, the
> configuration is fine, because it can backup and communicate locally
> with no issues. Any tips would be appreciated. Thank you
> 
> ---
> 
> Kind Regards,
> 
> Mr Gabriel

If I'm not mistaken, you need to tell iptables to DNAT the traffic. You will 
also need to tell iptables to allow the traffic.

my example may/may not work exactly for you,  but it should get you going in 
the right direction.

iptables -A wan_dnat_chain -d $EXTERNALIP -p tcp -m tcp --dport 9103 -j DNAT 
--to-destination $BACULAHOST

iptables -A wan_to_lan_chain -d $BACULAHOST -p tcp -m tcp --dport 9103 -m 
conntrack --ctorigdst $EXTERNALIP -j ACCEPT


hope this helps.



Terry






------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users