Gabriel - IP Guys wrote: > > > Dear All, > > > > I need some fresh eyes on this at the moment. I made this entry in the > firewall scripts of my Linux servers which will be running some > component of Bacula > > > > iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 9101:9103 > -j ACCEPT > > > > I will add the source directive when I'm looking it all down, will this > line in the firewall of all clients will allow bacula to work correctly? > For some reason, I am having issues getting this to work, the > configuration is fine, because it can backup and communicate locally > with no issues. Any tips would be appreciated. Thank you > > --- > > Kind Regards, > > Mr Gabriel > > >
also, I'm assuming you are talking about a seperate linux firewall/gateway. my previous post is not for iptables running on the backup client. client config would look something like this: # Flush old rules, old custom tables iptables --flush iptables --delete-chain # Set default policies for all three default chains iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # Enable free use of loopback interfaces iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # All TCP sessions should begin with SYN iptables -A INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP # Accept inbound TCP packets iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport 9103 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT # Accept inbound ICMP messages iptables -A INPUT -p ICMP --icmp-type 8 -s 0.0.0.0/0 -j ACCEPT iptables -A INPUT -p ICMP --icmp-type 11 -s 0.0.0.0/0 -j ACCEPT # Accept outbound packets iptables -I OUTPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
