?

2007/6/17, tomasz <[EMAIL PROTECTED]>:

Jean-François Leroux wrote:
> Hi,
> I'm trying to back up a server in an external zone.
>
> Here's my setup:
>
> Director is on a machine located in the private network. Storage is (disk)
> on another machine in the private network. Client is a machine in the
> external LAN. In between, there is another machine (let's call it FW for
> instance) with an iptables script.
>
> What's working:
> I can connect to the client and run estimate OK. Here's what I added to
> the firewall to do so:
>
> # Director communicates with external network
> iptables -A INPUT -s $INTIP -d $EXTIP -m state --state NEW,ESTABLISHED -m tcp -p tcp --dport 9102 -j ACCEPT
>
> iptables -A FORWARD -s $EXTIP -d $INTIP -p tcp --dport 9102 -j ACCEPT
> iptables -A FORWARD -d $EXTIP -s $INTIP -p tcp --sport 9102 -j ACCEPT
>
> Where $INTIP is the Director IP and $EXTIP the client machine.
>
> Now, that's what I tried for the storage daemon :
> iptables -A INPUT -s $INTIPSTOR -d $EXTIP -m state --state NEW,ESTABLISHED -m tcp -p tcp --dport 9102 -j ACCEPT
>
> iptables -A FORWARD -s $EXTIP -d $INTIPSTOR -p tcp --sport 9101:9103 -j ACCEPT
> iptables -A FORWARD -d $EXTIP -s $INTIPSTOR -p tcp --sport 9101:9103 -j ACCEPT
>
> Where INTIPSTOR is the Storage daemon IP.
>
> Unfortunately, that doesn't work and I fail to see why. Bacula says
> Storage is waiting for client to connect to the storage daemon. Would
> you have any idea?
>
> PS: of course, I have tried with machines in the internal zone and that
> works fine, so I guess there is something I don't get in the
> interactions between firewall and Bacula.
>
> Thanks for your ideas :)
>

VPN?


--
bEsT rEgArDs            |       "Confidence is what you have before you
tomasz dereszynski      |       understand the problem." -- Woody Allen
TD840-RIPE              |

_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
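
Added example, not part of the original thread: stateful FORWARD rules on FW for the Bacula connections that cross it, matching each flow on the destination port of the side that opens it. It assumes Bacula's default ports (File daemon 9102, Storage daemon 9103); the addresses are constructed placeholders, and `rule`, `allow_new`, `bacula_forward_rules` and `APPLY` are hypothetical names.

```shell
#!/bin/sh
# Added example: FORWARD rules on the firewall (FW) for the Bacula flows
# that cross it. Assumed default ports: File daemon 9102, Storage daemon 9103.
# Addresses are constructed placeholders (documentation ranges).
INTIP=${INTIP:-192.0.2.10}          # Director (private network)
INTIPSTOR=${INTIPSTOR:-192.0.2.20}  # Storage daemon (private network)
EXTIP=${EXTIP:-198.51.100.5}        # client / File daemon (external LAN)

# Print one rule; with APPLY=1 (run as root on FW) also install it.
rule() {
    echo "iptables $*"
    if [ "${APPLY:-0}" = 1 ]; then iptables "$@"; fi
}

# Allow a new TCP connection from $1 to $2 on destination port $3.
allow_new() {
    rule -A FORWARD -s "$1" -d "$2" -p tcp --dport "$3" \
         -m state --state NEW -j ACCEPT
}

bacula_forward_rules() {
    # Return traffic for any connection accepted below, in both directions.
    rule -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Director -> File daemon: job control and estimate.
    allow_new "$INTIP" "$EXTIP" 9102
    # File daemon -> Storage daemon: the client opens this connection itself
    # from an ephemeral source port, so the match is on destination port 9103.
    allow_new "$EXTIP" "$INTIPSTOR" 9103
    # Director -> Storage daemon stays inside the private network and
    # never reaches the FORWARD chain on FW, so it needs no rule here.
}

# Dry run by default: prints the three rules without touching the firewall.
bacula_forward_rules
```

The client also has to be able to reach the Storage daemon at the address the Director hands it, which is the Address set in the Director's Storage resource.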