Hi, On 6/16/2007 6:14 PM, Jean-François Leroux wrote: > Hi, > I'm trying to backup a server in an external zone. > > Here's my setup : > > Director is in machine located in the private network. Storage is (disk) > on another machine in the private network. Client is a machine in the > external lan. In between, there is another machine (let's call it FW for > instance) with an iptables script. ... > Now, that's what I tried for the storage daemon : > iptables -A INPUT -s $INTIPSTOR -d $EXTIP -m state --state > NEW,ESTABLISHED -m tcp -p tcp --dport 9102 -j ACCEPT > > iptables -A FORWARD -s $EXTIP -d $INTIPSTOR -p tcp --sport 9101:9103 -j > ACCEPT > iptables -A FORWARD -d $EXTIP -s $INTIPSTOR -p tcp ---sport 9101:9103 -j > ACCEPT > > Where INTIPSTOR is the Storage daemon IP. > > Unfortunately, that doesn't work and I fail to see why. Bacula says > Storage is waiting for client to connect to the storage daemon. Would > you have any idea ?
I haven't verified this, but it might help to allow connections from the FD on extip to INTIP port 9103. If I understand your setup correctly, you allow connections from EXTIP:9101-9103, but I guess the FD will not necessarily use that source port range. > PS : of course, I have tried with machines in the internal zone and that > works fine, so I guess there's is something I don't get in the > interactions between fireawall and bacula. Well, just observe from what port the FD initiates its connection to the SD... > Thanks for your ideas :) Hope it helps, Arno > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users -- IT-Service Lehmann [EMAIL PROTECTED] Arno Lehmann http://www.its-lehmann.de ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
