[lug] amanda and iptables
John Hernandez
John.Hernandez at noaa.gov
Tue Jan 20 13:05:35 MST 2004
It is stock at least these recent RH9 and Fedora kernels:
/lib/modules/2.4.22-1.2115.nptl/kernel/net/ipv4/netfilter/ip_conntrack_amanda.o
/lib/modules/2.4.22-1.2138.nptl/kernel/net/ipv4/netfilter/ip_conntrack_amanda.o
/lib/modules/2.4.20-24.9/kernel/net/ipv4/netfilter/ip_conntrack_amanda.o
/lib/modules/2.4.20-28.9/kernel/net/ipv4/netfilter/ip_conntrack_amanda.o
I'm not sure about SuSE.
Dan Ferris wrote:
> You may have to run the patch-o-matic and recompile the kernel to use
> the Amanda tracking patch. I don't think it's part of the stock
> kernel in Red Hat and SuSE.
>
> Dan
>
> MATSUI Nobuki wrote:
>
>> I am using a narc to generate iptables rules and I have the rules
>> below in
>> /etc/narc/narc-custom.conf to allow an amanda server to communicate with
>> a local client. The problem is that even though those rules are being
>> applied (checked with iptables -L), they don't produce a desired effect.
>> Amanda's known to use random higher ports and that's why I have
>> 'RELATED'
>> in my rules. amcheck works fine though. Could anybody help?
>> best,
>>
>> /sbin/iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -m state --state
>> NEW,RELATED,ESTABLISHED -j ACCEPT
>> /sbin/iptables -A INPUT -p udp -s xxx.xxx.xxx.xxx -m state --state
>> NEW,RELATED,ESTABLISHED -j ACCEPT
>>
>>
>> Nobuki Matsui
>> SRRB CIRES/NOAA
>>
>>
>>
>> _______________________________________________
>> Web Page: http://lug.boulder.co.us
>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
More information about the LUG
mailing list