On Tue, 18 Jan 2005, Neil Marjoram wrote:
I am having a little hair pulling trouble setting up the firewall for Amanda backups.
I am attempting to use my Amanda server to backup a client which has the firewall installed, so far without much luck.
If anyone has got this to work or can advise me on what rules are needed I would be truly grateful.
I know so far that amanda will send a backup request on port 10080, this rule I've got.
Then the client will send back on a random udp port, this should be ok as I don't block any outbound traffic.
But now amanda returns to the client with three random tcp port connections, this is where I fail I think - someone suggested using connection tracking, but I don't really know enough about this.
In /etc/sysconfig/iptables-confg, add ip_conntrack_amanda to the IPTABLES_MODULES string.
Note that some 2.6.9 kernels had broken ip_conntrack_amanda modules. amcheck would work with such cleints, but actual backups would hang forever. Recent kernels should be better.
There are other amanda-related services at 10081:tcp, 10081:udp, 10082:tcp and 10083:tcp. I don't know if these are required for a functioning simple setup.
Thanks,
Neil.
-- Matthew Saltzman
Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs
