That did it! All of the iptables options were compiled into the kernel, changed them to modules and that fixed it! Thanks!
Jay > Jay Ted wrote: > > Greetings, > > > > I'm having trouble with one of my amanda servers. I have one server running > > 2.4.4p3 compiled from source on a LFS box with 2.6.7. My other server is 2.4.4p3 > > compiled from source on Slack9.1 with 2.6.7. My clients are a handful of RH with > > rpm'ed versions of amanda installed and a few others with clients compiled from > > source. My LFS server can back up all of the clients with out any problems. The > > Slack box can only backup one of the clients (rpm'd 2.4.2p2-9 on RH8.0). Any other > > clients (regardless of OS or amanda version) I try to backup using the Slack box > > get to the point where sendbackup opens up the three ports and waits for the > > server to connect, as seen here: > > > > cat /tmp/amada/sendbackup.20040624103525.debug > > > > sendbackup: debug 1 pid 1787 ruid 33 euid 33: start at Thu Jun 24 10:35:25 2004 > > /usr/local/libexec/sendbackup: version 2.4.4p3 > > parsed request as: program `DUMP' > > disk `/boot' > > device `/boot' > > level 0 > > since 1970:1:1:0:0:0 > > options `|;bsd-auth;srvcomp-best;index;' > > sendbackup: try_socksize: send buffer size is 65536 > > sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.1121 > > sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.1122 > > sendbackup: time 0.002: stream_server: waiting for connection: 0.0.0.0.1123 > > sendbackup: time 0.002: waiting for connect on 1121, then 1122, then 1123 > > sendbackup: time 30.002: stream_accept: timeout after 30 seconds > > sendbackup: time 30.002: timeout on data port 1121 > > sendbackup: time 60.002: stream_accept: timeout after 30 seconds > > sendbackup: time 60.002: timeout on mesg port 1122 > > sendbackup: time 90.002: stream_accept: timeout after 30 seconds > > sendbackup: time 90.002: timeout on index port 1123 > > sendbackup: time 90.002: pid 1787 finish time Thu Jun 24 10:36:55 2004 > > > > This is where it eventually times out waiting for the server. > > > > Here is a tcpdump of all traffic between the server and that client: > > > > 10:34:48.949371 slack.domain.com.522 > amclient.domain.com.10080: udp 117 (DF) > > 0x0000 4500 0091 0004 4000 4011 eeb1 ac10 8d79 [EMAIL PROTECTED]@......y > > 0x0010 ac10 660c 020a 2760 007d 1aec 416d 616e ..f...'`.}..Aman > > 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL > > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S > > 0x0040 4551 2031 3038 3830 3931 3239 310a 5345 EQ.1088091291.SE > > 0x0050 4355 CU > > 10:34:48.956599 amclient.domain.com.10080 > slack.domain.com.522: udp 50 (DF) > > 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c [EMAIL PROTECTED] > > 0x0010 ac10 8d79 2760 020a 003a 2b47 416d 616e ...y'`...:+GAman > > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL > > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S > > 0x0040 4551 2031 3038 3830 3931 3239 310a EQ.1088091291. > > 10:34:48.961428 amclient.domain.com.10080 > slack.domain.com.522: udp 83 (DF) > > 0x0000 4500 006f 0000 4000 3f11 efd7 ac10 660c [EMAIL PROTECTED] > > 0x0010 ac10 8d79 2760 020a 005b 2e82 416d 616e ...y'`...[..Aman > > 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL > > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S > > 0x0040 4551 2031 3038 3830 3931 3239 310a 4f50 EQ.1088091291.OP > > 0x0050 5449 TI > > 10:34:48.961641 slack.domain.com.522 > amclient.domain.com.10080: udp 50 (DF) > > 0x0000 4500 004e 0006 4000 4011 eef2 ac10 8d79 [EMAIL PROTECTED]@......y > > 0x0010 ac10 660c 020a 2760 003a 2b47 416d 616e ..f...'`.:+GAman > > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL > > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S > > 0x0040 4551 2031 3038 3830 3931 3239 310a EQ.1088091291. > > 10:34:48.962779 slack.domain.com.522 > amclient.domain.com.10080: udp 237 (DF) > > 0x0000 4500 0109 0007 4000 4011 ee36 ac10 8d79 [EMAIL PROTECTED]@..6...y > > 0x0010 ac10 660c 020a 2760 00f5 125b 416d 616e ..f...'`...[Aman > > 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL > > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S > > 0x0040 4551 2031 3038 3830 3931 3239 330a 5345 EQ.1088091293.SE > > 0x0050 4355 CU > > 10:34:48.969593 amclient.domain.com.10080 > slack.domain.com.522: udp 50 (DF) > > 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c [EMAIL PROTECTED] > > 0x0010 ac10 8d79 2760 020a 003a 2b47 416d 616e ...y'`...:+GAman > > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL > > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S > > 0x0040 4551 2031 3038 3830 3931 3239 330a EQ.1088091293. > > 10:34:50.540198 amclient.domain.com.10080 > slack.domain.com.522: udp 102 (DF) > > 0x0000 4500 0082 0000 4000 3f11 efc4 ac10 660c [EMAIL PROTECTED] > > 0x0010 ac10 8d79 2760 020a 006e f4dd 416d 616e ...y'`...n..Aman > > 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL > > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S > > 0x0040 4551 2031 3038 3830 3931 3239 330a 4f50 EQ.1088091293.OP > > 0x0050 5449 TI > > 10:34:50.540292 slack.domain.com.522 > amclient.domain.com.10080: udp 50 (DF) > > 0x0000 4500 004e 0009 4000 4011 eeef ac10 8d79 [EMAIL PROTECTED]@......y > > 0x0010 ac10 660c 020a 2760 003a 2b47 416d 616e ..f...'`.:+GAman > > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL > > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S > > 0x0040 4551 2031 3038 3830 3931 3239 330a EQ.1088091293. > > 10:34:52.081249 slack.domain.com.525 > amclient.domain.com.10080: (tsp_type 0x41) > > vers 109 seq 28257 [|timed] (DF) > > 0x0000 4500 00fe 0000 4000 4011 ee48 ac10 8d79 [EMAIL PROTECTED]@..H...y > > 0x0010 ac10 660c 020d 2760 00ea 0237 416d 616e ..f...'`...7Aman > > 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL > > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S > > 0x0040 4551 2031 3038 3830 3931 3238 380a 5345 EQ.1088091288.SE > > 0x0050 4355 CU > > 10:34:52.088201 amclient.domain.com.10080 > slack.domain.com.525: (tsp_type 0x41) > > vers 109 seq 28257 [|timed] (DF) > > 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c [EMAIL PROTECTED] > > 0x0010 ac10 8d79 2760 020d 003a 1950 416d 616e ...y'`...:.PAman > > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL > > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S > > 0x0040 4551 2031 3038 3830 3931 3238 380a EQ.1088091288. > > 10:34:52.098930 amclient.domain.com.10080 > slack.domain.com.525: (tsp_type 0x41) > > vers 109 seq 28257 [|timed] (DF) > > 0x0000 4500 0096 0000 4000 3f11 efb0 ac10 660c [EMAIL PROTECTED] > > 0x0010 ac10 8d79 2760 020d 0082 ec7f 416d 616e ...y'`......Aman > > 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL > > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S > > 0x0040 4551 2031 3038 3830 3931 3238 380a 434f EQ.1088091288.CO > > 0x0050 4e4e NN > > 10:34:52.099174 slack.domain.com.525 > amclient.domain.com.10080: (tsp_type 0x41) > > vers 109 seq 28257 [|timed] (DF) > > 0x0000 4500 004e 0001 4000 4011 eef7 ac10 8d79 [EMAIL PROTECTED]@......y > > 0x0010 ac10 660c 020d 2760 003a 1950 416d 616e ..f...'`.:.PAman > > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL > > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S > > 0x0040 4551 2031 3038 3830 3931 3238 380a EQ.1088091288. > > > > There doesn't seem to be any attempt at all to connect to the client on those > > three ports, however, when those ports are open I can telnet to them from the > > server. These machines do run iptables but they still fail even when I try the > > backup after "iptables -F". I did think at first that it was a simple firewall > > problem, wasn't that lucky though. The mail message sent sees the problem as a > > "bad CONNECT response", not much more than that. > > > > The debug files for the client are available at > > http://jayted.freeservers.com/amanda > > > > I've been fiddling with this for over a week now, anybody have any ideas of what > > to check next? > > Try removing the amanda specific services in the iptables/netfilter kernel > configuration (or mark as modules and don't load them) > I have found out that they cause problems on kernels newer than 2.6.5-rc1, so if you > have them compiled in static or loaded as > modules that might be it. > > /Andreas -- ______________________________________________ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox. Powered by Outblaze
