> Date: Thursday, March 10, 2016 09:05:43 -0800 > From: maaf4d <bacula-fo...@backupcentral.com> > > IPTables on Server: > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > ACCEPT tcp -- anywhere anywhere state NEW tcp dpts:bacula-dir:bacula-sd > > Client's IPTables rules: > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:bacula-fd
I think that your iptables output policies are a part of your problem. A machine's output policy constrains what ports the source side can go out from. With bacula you are going *to* ports 9101-03, but *from* an arbitrary (high numbered) port. So, while you may want to constrain that ports you accept inbound (input) connections on, you generally leave the outbound (output) totally open. In your case, you appear to be constraining your outbound ports to 9101 and 03 on your server and 9102 on the client. That, in fact, means that you very likely aren't getting out at all. Remove those outbound constraints from iptables and things should improve. I think you still have other issues, but you should be able to telnet to the 9101-03 ports (as appropriate) and get at least a "connection refused" response from the remote host. ------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140 _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
