On Friday, April 06, 2012 12:37:47 AM Nathan Stratton Treadway did opine: > On Thu, Apr 05, 2012 at 23:01:57 -0400, gene heskett wrote: > > What would be the nmap invocation that would show if ports amanda > > needs are closed? > > > > > > Thu Apr 5 22:48:11 2012: thd-0x86ede00: amcheck-clients: > > connect_port: Try port 516: available - Success Thu Apr 5 22:48:11 > > 2012: thd-0x86ede00: amcheck-clients: connected to 192.168.71.3:10080 > > Thu Apr 5 22:48:11 2012: thd-0x86ede00: amcheck-clients: our side is > > 0.0.0.0:516 > > > > Thu Apr 5 22:48:11 2012: thd-0x86ede00: amcheck-clients: > > connect_port: Try port 516: available - Success Thu Apr 5 22:48:11 > > 2012: thd-0x86ede00: amcheck-clients: connect_portrange: Connect from > > 0.0.0.0:516 failed: Connection refused Thu Apr 5 22:48:11 2012: > > thd-0x86ede00: amcheck-clients: connect_portrange: connect to > > 192.168.71.4:10080 failed: Connection refused Thu Apr 5 22:48:11 > > 2012: thd-0x86ede00: amcheck-clients: stream_client: Could not bind > > to port in range 512-1023. > > > > Thu Apr 5 22:48:11 2012: thd-0x86ede00: amcheck-clients: > > connect_port: Try port 516: available - Success Thu Apr 5 22:48:11 > > 2012: thd-0x86ede00: amcheck-clients: connect_portrange: Connect from > > 0.0.0.0:516 failed: Connection refused Thu Apr 5 22:48:11 2012: > > thd-0x86ede00: amcheck-clients: connect_portrange: connect to > > 192.168.71.5:10080 failed: Connection refused > > > > Thu Apr 5 22:48:16 2012: thd-0x86ede00: amcheck-clients: > > connect_port: Try port 516: available - Success Thu Apr 5 22:48:16 > > 2012: thd-0x86ede00: amcheck-clients: connect_portrange: Connect from > > 0.0.0.0:516 failed: Connection refused Thu Apr 5 22:48:16 2012: > > thd-0x86ede00: amcheck-clients: connect_portrange: connect to > > 192.168.71.4:10080 failed: Connection refused Thu Apr 5 22:48:16 > > 2012: thd-0x86ede00: amcheck-clients: stream_client: Could not bind > > to port in range 512-1023. > > > > Thu Apr 5 22:48:16 2012: thd-0x86ede00: amcheck-clients: > > connect_port: Try port 516: available - Success Thu Apr 5 22:48:16 > > 2012: thd-0x86ede00: amcheck-clients: connect_portrange: Connect from > > 0.0.0.0:516 failed: Connection refused Thu Apr 5 22:48:16 2012: > > thd-0x86ede00: amcheck-clients: connect_portrange: connect to > > 192.168.71.5:10080 failed: Connection refused Thu Apr 5 22:48:16 > > 2012: thd-0x86ede00: amcheck-clients: stream_client: Could not bind > > to port in range 512-1023. > > > > Thu Apr 5 22:48:21 2012: thd-0x86ede00: amcheck-clients: > > connect_port: Try port 516: available - Success Thu Apr 5 22:48:21 > > 2012: thd-0x86ede00: amcheck-clients: connect_portrange: Connect from > > 0.0.0.0:516 failed: Connection refused Thu Apr 5 22:48:21 2012: > > thd-0x86ede00: amcheck-clients: connect_portrange: connect to > > 192.168.71.4:10080 failed: Connection refused Thu Apr 5 22:48:21 > > 2012: thd-0x86ede00: amcheck-clients: stream_client: Could not bind > > to port in range 512-1023. > > > > Thu Apr 5 22:48:21 2012: thd-0x86ede00: amcheck-clients: > > connect_port: Try port 516: available - Success Thu Apr 5 22:48:21 > > 2012: thd-0x86ede00: amcheck-clients: connect_portrange: Connect from > > 0.0.0.0:516 failed: Connection refused Thu Apr 5 22:48:21 2012: > > thd-0x86ede00: amcheck-clients: connect_portrange: connect to > > 192.168.71.5:10080 failed: Connection refused Thu Apr 5 22:48:21 > > 2012: thd-0x86ede00: amcheck-clients: stream_client: Could not bind > > to port in range 512-1023. > > Assuming you don't have any firewalling going on between these machines, > you can most likely tell which ports Amanda has open on the clients by > just running > > $ netstat -a | grep amanda > > on those machines... > > Does the output from that command on 192.168.71.3 look any different > from that on your other clients? > > (As described in /etc/services, port 10080 is the "amanda" port for both > UDP and TCP.) > > Nathan > On coyote, the server: root@coyote Documents]# netstat -a | grep amanda tcp 0 0 *:amanda *:* LISTEN
On shop, one of the clients as sudo: netstat -a | grep amanda udp 0 0 *:amanda *:* And on lathe, also sudo: gene@lathe:~$ sudo netstat -a | grep amanda udp 0 0 *:amanda *:* No LISTEN on the clients. xinetd has been restarted several times. No firewall that I know of. The iptables --list outputs server: [root@coyote Documents]# iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-SSH (1 references) target prot opt source destination RETURN all -- anywhere anywhere client shop: root@shop:/var/lib/amanda# iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination client lathe: root@lathe:~# iptables --list WARNING: All config files need .conf: /etc/modprobe.d/emc2, it will be ignored in a future release. Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Thanks Nathan. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: <http://coyoteden.dyndns-free.com:85/gene> It wasn't that she had a rose in her teeth, exactly. It was more like the rose and the teeth were in the same glass.
