Re: amanda backups and firewalling
From: jason@cannonfodder.org
Date: 07/17/02
- Previous message: Andrew Rucker Jones: "Re: amanda backups and firewalling"
- In reply to: mark@winksmith.com: "amanda backups and firewalling"
- Next in thread: Matt Hemingway: "Re: amanda backups and firewalling"
Date: Wed, 17 Jul 2002 12:23:40 -0500
From: jason@cannonfodder.org
To: focus-linux@securityfocus.com
on Tue Jul 16 mark@winksmith.com spoke forth with the blessed manuscript
> i'm sure someone has looked at this already. my internal server within
> my internal lan has been wrapped up with iptables. in and out is clearly
> defined on the box.
> amdump (amanda 2.4.2) appears to use specified ports (such as 10080,
> 10081, 10082, and 10083). BUT then the actual transfer of data seems
> to go over another port. these ports don't appear to be fixed and
> range quite a bit (different every time).
> any ideas as to how to handle this in iptables?
I actually just did this last night, and whether it's correct or not, here
is what I did, and it seems to work:
-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p udp -m udp --sport 10080 -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p udp -m udp --dport 10080 -j ACCEPT
--
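
Added example, not part of the original message: a small Python matcher that evaluates only the four rules quoted above against constructed packets, to show which Amanda flows those rules match and which fall through. The service-name port numbers are the standard /etc/services assignments; the sample addresses and ports are constructed, and any other rules in the poster's ruleset (not shown in the message) are not modelled.

```python
import ipaddress

# Standard /etc/services assignments for the Amanda service names.
SERVICES = {"amanda": 10080, "kamanda": 10081, "amandaidx": 10082, "amidxtape": 10083}

# The four rules exactly as posted (chain name as it appears in the archive).
RULES = """\
-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p udp -m udp --sport 10080 -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p udp -m udp --dport 10080 -j ACCEPT
"""

def parse_rule(line):
    """Parse the subset of iptables-save syntax used in the posted rules."""
    rule = {"sports": None, "dports": None}
    tok = line.split()
    for flag, val in zip(tok, tok[1:]):
        if flag == "-s":
            rule["src"] = ipaddress.ip_network(val)
        elif flag == "-p":
            rule["proto"] = val
        elif flag in ("--sport", "--dport", "--dports"):
            ports = {SERVICES.get(p) or int(p) for p in val.split(",")}
            rule["sports" if flag == "--sport" else "dports"] = ports
        elif flag == "-j":
            rule["target"] = val
    return rule

def verdict(src, proto, sport, dport, rules=RULES):
    """Target of the first matching rule, or None if no posted rule matches."""
    for line in rules.strip().splitlines():
        r = parse_rule(line)
        if (ipaddress.ip_address(src) in r["src"] and proto == r["proto"]
                and (r["sports"] is None or sport in r["sports"])
                and (r["dports"] is None or dport in r["dports"])):
            return r["target"]
    return None

if __name__ == "__main__":
    # Constructed sample packets: (source address, protocol, source port, destination port).
    flows = [
        ("192.168.1.20", "tcp", 40000, 10082),    # index service from the LAN
        ("192.168.1.20", "udp", 10080, 850),      # UDP sent from port 10080 on a LAN host
        ("192.168.1.20", "udp", 850, 10080),      # UDP sent to port 10080 from a LAN host
        ("66.137.146.201", "udp", 850, 10080),    # UDP sent to port 10080 from the /29
        ("192.168.1.20", "tcp", 40000, 50123),    # data transfer on a non-fixed TCP port
    ]
    for f in flows:
        print(f, "->", verdict(*f))
```

In this model the index and tape TCP ports and the UDP 10080 traffic are accepted, while a TCP connection to a non-fixed port matches none of the four rules, which is the case the original question asks about.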