Re: [Bacula-users] iptables problem
2012-06-06 10:53:24
On Wed, 06 Jun 2012 16:16:32 +0200
Laurent MANCHON <lmanchon AT univ-montp2 DOT fr> wrote:
> --hi,
>
> bacula returns this error message:
>
> 06-juin 14:56 Bacula-dir JobId 1569 : Warning: bsock.c:129 impossible
> to connect at Storage daemon on 192.168.1.15:9103. ERR=Connection
> failed
>
> i think i have a problem with my iptables rules but i don't know
> where, i need somebody help to resolve this problem.
>
> This is my iptables rules:
[...]
Before blaming your firewall settings and make us decypher them,
you really ought to check these two things:
1) SD on 192.168.1.15 is really listening on 192.168.1.15:9103
or on 0.0.0.0:9103 (that is, on a wildcard address).
This is a common misconfiguration problem: to forget to
make SD listen on a non-localhost address via its config file.
This can be verified by running netstat on the SD's host:
$ netstat -nlt | grep :9103
which should return something sensible, not 127.0.0.1:9103.
2) You can connect to that socket from a non-firewalled machine
(on the same network). You can use netcat or even telnet for this:
$ nc 192.168.1.15 9103
or
$ telnet 192.168.1.15 9103
If you correctly configured your SD to only allow (authenticated)
connects from your Director, you'd get back an explanatory message
from SD, like this:
$ nc titan 9103
titan.domain.local [192.168.2.25] 9103 (bacula-sd) : Connection refused
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|