Hi, sorry, I got it. Each node has the configured port or the random high port. So if I set "7790" up as a replication port in drbd.conf, drop all at first and only accept --dport and --sport 7790.

iptables -A INPUT -i bond1 -p tcp --dport 7790 -j ACCEPT
iptables -A INPUT -i bond1 -p tcp --sport 7790 -j ACCEPT
iptables -A OUTPUT -o bond1 -p tcp --dport 7790 -j ACCEPT
iptables -A OUTPUT -o bond1 -p tcp --sport 7790 -j ACCEPT

Thanks,
Junko

2010/8/6 Junko IKEDA <[email protected]>:
> Hi,
>
> DRBD has two tcp sessions per device,
> one end will have a "random high port",
> the end the configured port.
>
> I am setting up the parameters for firewall,
> so I want to know the detail of this "random port".
> Is there any "range" for this?
> How can I narrow down the port setting of firewall?
>
> Thanks,
> Junko IKEDA
>
> NTT DATA INTELLILINK CORPORATION
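
An added example, not part of the original message: a shell script that reads the `address` lines of a drbd.conf and prints the same four rules pinned to the replication peer's IP, so that the `--sport` match only accepts traffic from that peer. The node names and 192.0.2.x addresses are constructed placeholders, and it assumes a single resource with IPv4 `address IP:port;` entries.

```shell
#!/bin/sh
# Added example: print (not apply) peer-pinned iptables rules for DRBD.
# Constructed sample input: node names and 192.0.2.x addresses are placeholders.
SAMPLE_CONF='resource r0 {
  on node-a { address 192.0.2.1:7790; }
  on node-b { address 192.0.2.2:7790; }
}'

# Read drbd.conf text on stdin, print "host ip port" for each "on" section.
# Handles IPv4 "address IP:port;" entries only (no address-family keyword).
drbd_endpoints() {
  awk '
    $1 == "on" { host = $2 }
    {
      for (i = 1; i < NF; i++)
        if ($i == "address") {
          addr = $(i + 1)
          sub(/;$/, "", addr)
          if (split(addr, p, ":") == 2 && p[2] ~ /^[0-9]+$/)
            print host, p[1], p[2]
        }
    }'
}

# drbd_fw_rules IFACE LOCAL_HOST < drbd.conf
# Assumes a single resource, so LOCAL_HOST has exactly one configured port.
drbd_fw_rules() {
  iface=$1
  local_host=$2
  conf=$(cat)
  lport=$(printf '%s\n' "$conf" | drbd_endpoints |
    awk -v h="$local_host" '$1 == h { print $3; exit }')
  # Refuse to emit rules with an empty port if the host is not in the config.
  [ -n "$lport" ] || { echo "host $local_host not in config" >&2; return 1; }
  printf '%s\n' "$conf" | drbd_endpoints | while read -r host ip pport; do
    if [ "$host" = "$local_host" ]; then continue; fi
    # Peer's random high port -> our configured port, and our replies.
    echo "iptables -A INPUT -i $iface -s $ip -p tcp --dport $lport -j ACCEPT"
    echo "iptables -A OUTPUT -o $iface -d $ip -p tcp --sport $lport -j ACCEPT"
    # Our random high port -> peer's configured port, and its replies.
    echo "iptables -A OUTPUT -o $iface -d $ip -p tcp --dport $pport -j ACCEPT"
    echo "iptables -A INPUT -i $iface -s $ip -p tcp --sport $pport -j ACCEPT"
  done
}

# Print the rules node-a would load for replication over bond1.
printf '%s\n' "$SAMPLE_CONF" | drbd_fw_rules bond1 node-a
```

The printed rules only add ACCEPT entries; the "drop all at first" policy from the message still has to be in place for them to restrict anything.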
