Re: stream 0 accept failed: bad SECURITY line: ''

Thu, 18 Apr 2013 10:06:28 -0700 

I've been scratching my head over this, FW on the client looks ok to me.

[root@www-stage ~]# /sbin/iptables -L | grep curie
ACCEPT     udp  --  curieb.wadsworth.org  anywhere            udp spts:932:948 
dpt:amanda 
ACCEPT     tcp  --  curieb.wadsworth.org  anywhere            tcp 
spts:10084:itap-ddtp dpts:10084:itap-ddtp 
ACCEPT     udp  --  curie.wadsworth.org  anywhere            udp spts:932:948 
dpt:amanda 
ACCEPT     tcp  --  curie.wadsworth.org  anywhere            tcp 
spts:10084:itap-ddtp dpts:10084:itap-ddtp 


and the it occured to me, the amanda server was built with port
restriction, and I always do so for my clients as I like to avoid
multiple builds if I can, and some client/server pairs have to
traverse our FW.

But this instance of the amanda client was installed from an rpm,
so I'm betting, and based on debug files, believe that the client
is trying to connect back to the server on ports that the server
is not listening to.

I believe I can user amanda_client.conf to restrict the ports, but
wanted to know if this solution seemed right to the amanda community.
Ask if there was another method, ask what the minimal amanda.conf
needed to contain, and which directory, as I've seen some of the
pre-built kits use directories other than /usr/local/etc/amanda/<config>

Yah, a lot of questions, hopefully on the correct path.

                                                thank you,

                                                Brian



On Fri, Apr 12, 2013 at 01:28:02PM -0700, Jean-Louis Martineau wrote:
> On 04/12/2013 11:52 AM, Brian Cuttler wrote:
> >
> >amandad: try_socksize: send buffer size is 65536
> >amandad: try_socksize: receive buffer size is 65536
> >amandad: time 3.128: bind_portrange2: trying port=831
> >amandad: time 3.129: stream_server: waiting for connection: 0.0.0.0.36507
> >amandad: try_socksize: send buffer size is 65536
> >amandad: try_socksize: receive buffer size is 65536
> >amandad: time 3.136: bind_portrange2: trying port=831
> >amandad: time 3.136: stream_server: waiting for connection: 0.0.0.0.38560
> >amandad: try_socksize: send buffer size is 65536
> >amandad: try_socksize: receive buffer size is 65536
> >amandad: time 3.143: bind_portrange2: trying port=831
> >amandad: time 3.144: stream_server: waiting for connection: 0.0.0.0.49357
> >amandad: time 3.144: sending REP pkt:
> ><<<<<
> >CONNECT DATA 36507 MESG 38560 INDEX 49357
> >OPTIONS features=fffffeff9ffeffff07;
> 
> The server should connect to these ports, check the server dumper debug 
> files, try to disable firewall and selinux.
> 
> Jean-Louis
> 
---
   Brian R Cuttler                 [email protected]
   Computer Systems Support        (v) 518 486-1697
   Wadsworth Center                (f) 518 473-6384
   NYS Department of Health        Help Desk 518 473-0773

Reply via email to