Thread: iptables rules

  1. #1

    iptables rules

    I'm not having much luck opening up my iptables to permit backups of machines over the internet. I am running RHEL5 with Amanda beta version 2.5.2b1, set up following http://amanda.zmanda.com/quick-backup-setup.html

    I've been following http://wiki.zmanda.com/index.php/How_To:Set_Up_iptables_for_Amanda - perhaps my connection problems are due to running the backups through a VPN?

    When I set my tun0 as a trusted interface, my backups work fine. If I decide that I don't trust my tun0 (which is a good idea, really), and try to open up ports in iptables, I am unable to get a backup running.

    Here are my iptables rules on each side of the VPN.
    On my RHost, added for Amanda:
    -A RH-Firewall-1-INPUT -p tcp --dport 50000:50100 -s 10.8.0.0/24 -j ACCEPT
    -A RH-Firewall-1-INPUT -p udp --dport 10080 -s 10.8.0.0/24 -j ACCEPT

    On my TSHost:
    -A RH-Firewall-1-INPUT -p tcp --dport 50000:50100 -s 10.8.0.0/24 -j ACCEPT


    -sh-3.1$ amcheck DailySet1 -c
    Amanda Backup Client Hosts Check
    --------------------------------
    WARNING: mittens.testvpn.com: selfcheck request failed: No route to host
    Client check: 1 host checked in 10.353 seconds, 1 problem found

    When I set
    -A RH-Firewall-1-INPUT -i tun0 -j ACCEPT
    on my RHost, THost connects fine and my backups are successful.

  2. #2

    Please check the values for the --with-tcpportrange compilation parameter.

    To see the Amanda compilation parameters, please run "amadmin xx version"

    Paddy

  3. #3

    Try using the multiport module shipped with iptables. It is used like this:

    iptables -A INPUT -p tcp -m multiport --dports 50000:55000 -j ACCEPT
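
Added example, not part of any post in this thread: a small first-match evaluator that compares the port-scoped rules from post #1, the `-i tun0 -j ACCEPT` rule, and the multiport rule from post #3 against a few constructed packets. It treats each rule list as one ordered chain (no jumps or state matching), and the trailing REJECT rule, the probe addresses and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed rule lists. The ACCEPT lines are quoted from the thread; the final
# REJECT is an assumed catch-all, not something the posts show.
REJECT = "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited"
SCOPED = [
    "-A RH-Firewall-1-INPUT -p tcp --dport 50000:50100 -s 10.8.0.0/24 -j ACCEPT",
    "-A RH-Firewall-1-INPUT -p udp --dport 10080 -s 10.8.0.0/24 -j ACCEPT",
    REJECT,
]
TRUST_TUN0 = ["-A RH-Firewall-1-INPUT -i tun0 -j ACCEPT"] + SCOPED
MULTIPORT = ["-A INPUT -p tcp -m multiport --dports 50000:55000 -j ACCEPT", REJECT]

OPTS = {"-p": "proto", "-s": "src", "-i": "iface",
        "--dport": "ports", "--dports": "ports", "-j": "target"}

def parse_rule(line):
    """Extract the match options used in the thread from one '-A ...' line."""
    tok = line.split()
    return {OPTS[t]: tok[i + 1] for i, t in enumerate(tok[:-1]) if t in OPTS}

def port_in(spec, port):
    """True if port falls in a spec like '10080' or '50000:50100,10080'."""
    ranges = (part.partition(":") for part in spec.split(","))
    return any(int(lo) <= port <= int(hi or lo) for lo, _, hi in ranges)

def verdict(rules, iface, src, proto, port):
    """Return the target of the first matching rule (first match wins)."""
    for line in rules:
        r = parse_rule(line)
        if r.get("iface", iface) != iface or r.get("proto", proto) != proto:
            continue
        if "src" in r and ipaddress.ip_address(src) not in ipaddress.ip_network(r["src"]):
            continue
        if "ports" in r and not port_in(r["ports"], port):
            continue
        return r["target"]
    return "POLICY"  # fell off the end: the chain policy would decide

# Constructed probes: (interface, source address, protocol, destination port)
PROBES = [("tun0", "10.8.0.6", "tcp", 50010),     # inside the 50000:50100 range
          ("tun0", "10.8.0.6", "tcp", 22),        # unrelated service, via the VPN
          ("eth0", "203.0.113.9", "tcp", 52000)]  # source outside the VPN subnet

def compare():
    """Map each probe to its verdicts under (SCOPED, TRUST_TUN0, MULTIPORT)."""
    return {p: tuple(verdict(rs, *p) for rs in (SCOPED, TRUST_TUN0, MULTIPORT))
            for p in PROBES}
```

`compare()` shows that trusting tun0 also accepts the port 22 probe arriving over the VPN, and that the multiport rule as posted has no `-s` match, so it accepts the probe from outside 10.8.0.0/24.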
