Re: [Bacula-users] Problem with a backup behind a firewall

Sun, 17 Jun 2007 12:39:54 -0700 

Jean-François Leroux wrote:
> Hi,
> I'm trying to backup a server in an external zone.
> 
> Here's my setup :
> 
> Director is in machine located in the private network. Storage is (disk)
> on another machine in the private network. Client is a machine in the
> external lan. In between, there is another machine (let's call it FW for
> instance) with an iptables script.
> 
> What's working :
> I can connect to the client and run estimate Ok. Here's what I added to
> the firewall to do so :
> 
> # Director  communicates with external network
> iptables -A INPUT -s $INTIP -d $EXTIP -m state --state NEW,ESTABLISHED
> -m tcp -p tcp --dport 9102 -j ACCEPT
> 
> iptables -A FORWARD -s $EXTIP -d $INTIP -p tcp --dport 9102 -j ACCEPT
> iptables -A FORWARD -d $EXTIP -s $INTIP -p tcp --sport 9102 -j ACCEPT
> 
> Where $INTP is the Director IP and $EXTIP the client machine.
> 
> Now, that's what I tried for the storage daemon :
> iptables -A INPUT -s $INTIPSTOR -d $EXTIP -m state --state
> NEW,ESTABLISHED -m tcp -p tcp --dport 9102 -j ACCEPT
> 
> iptables -A FORWARD -s $EXTIP -d $INTIPSTOR -p tcp --sport 9101:9103 -j
> ACCEPT
> iptables -A FORWARD -d $EXTIP -s $INTIPSTOR -p tcp ---sport 9101:9103 -j
> ACCEPT
> 
> Where INTIPSTOR is the Storage daemon IP.
> 
> Unfortunately, that doesn't work and I fail to see why. Bacula says
> Storage is waiting for client to connect to the storage daemon. Would
> you have any idea ?
> 
> PS : of course, I have tried with machines in the internal zone and that
> works fine, so I guess there's is something I don't get in the
> interactions between fireawall and bacula.
> 
> Thanks for your ideas :)
> 

VPN?


-- 
bEsT rEgArDs            |       "Confidence is what you have before you
tomasz dereszynski      |       understand the problem." -- Woody Allen
TD840-RIPE              |

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users

Reply via email to