Chuck Amadi Systems Administrator wrote:
Hi List
I had a look on the amanda client less /tmp/amanda
less amandad.20060213153537.debug
Here is the debug report:
----
Amanda 2.4 REQ HANDLE 003-E0990808 SEQ 1139841004
SECURITY USER amanda
SERVICE noop
OPTIONS features=fffffeff9ffe0f;
----
amandad: time 9.815: it is not an ack
amandad: time 9.815: sending REP packet:
----
Amanda 2.4 REP HANDLE 003-E0990808 SEQ 1139841004
ERROR [host fw.my.co.uk: port ***** not secure]
----
amandad: time 18.975: got packet:
----
Amanda 2.4 REQ HANDLE 003-E0990808 SEQ 1139841004
SECURITY USER amanda
SERVICE noop
OPTIONS features=fffffeff9ffe0f;
----
amandad: time 18.975: it is not an ack
amandad: time 18.975: sending REP packet:
Thus I assume I need to add rules for the Firewall server:
Any examples or notes
Cheers
On Mon, 2006-02-13 at 14:51 +0000, Chuck Amadi Systems Administrator
wrote:
Hi List
I have added a new Amanda client that doesn't belong to my LAN it's our
zope/web server that has a public address and is on another network it's
entry is in my dns server and in the /etc/hosts file which I thought
would be it's first port of call before asking the ns server. Both LAN
and zope/web server sit behind our firewall. Could be that because it's
on another network LAN's 192.168.1.xx broadcast 255.255.255.0 and
123.345.567.89 225.225.225.224 or can I possible use the public IPA
instead of server.my.co.uk in the DLE on the tape server. I am assuming
this is something to do with my firewall.
I have amandad running on the new amanda client. but I get the following
error when amcheck runs fron the cron.
I have created /var/lib/amanda/DailySet1/curinfo/server.my.co.uk/_
directory and chown amanda.disk. Also when I run the following commands
server:/etc/xinetd.d # netstat -a | grep -i amanda
tcp 0 0 *:amandaidx *:*
LISTEN
udp 0 0 *:amanda
*:*
server:/etc/xinetd.d #
server:/etc/xinetd.d # ps auxxx|egrep amanda
amanda 14847 0.0 0.3 4160 872 pts/3 S 12:30 0:00 [su]
amanda 14848 0.0 0.6 4620 1584 pts/3 S 12:30 0:00 bash
root 18452 0.0 0.1 3540 500 pts/3 S 15:51 0:00 /bin/grep
-E amanda
server:/etc/xinetd.d #
Error Message below:
WARNING: info
file /var/lib/amanda/DailySet1/curinfo/server.my.co.uk/_/info: does not
exist
Server check took 10.788 seconds
Amanda Backup Client Hosts Check
--------------------------------
WARNING: server.my.co.uk: selfcheck request timed out. Host down?
Client check: 4 hosts checked in 29.328 seconds, 1 problem found
Hi List I have had a read and digest of the following.
Chapter 22. How /Amanda/ uses UDP and TCP ports
Here is my possible ipchain rule.
Please can someone confirm that the udp should be privelage and tcp
non-privelaged and If udp is to be priveledge
have I got to re compile my amanda client
--with-tcpportrange=10082,10083 and --with-udpportrange=1023.
My IPChain example.
ipchains -A input -p udp -i -s $193.XXX.XXX.XXX{AMANDA_CLIENT} 10080 -d
$192.168.1.XXX{AMANDA_SERVER} -j ACCEPT
ipchains -A input -p tcp -i -s $193.XXX.XXX.XXX{AMANDA_CLIENT}
10082:10083 -d $192.168.1.XXX{AMANDA_SERVER} -j ACCEPT
