--On Wednesday, March 17, 2004 13:12:19 -0600 "Barry A. Trent" <[EMAIL PROTECTED]> wrote:
>> Iptables firewalls on a newer kernel has Amanda support built in, >> otherwise you either need gaping holes in the firewall or need to >> compile with the portrange options. I agree that it should be a >> conf file setting, but its not. > > How new a kernel are we talking about? Is there specific support for > Amanda, or are you just referring to the "stateful packet inspection" > features of iptables? I don't recall when it was added in, perhaps it wasn't until the 2.5 series. Device drivers -> Networking support -> Networking options -> network packet filtering (replaces ipchains) -> IP: netfilter configuration -> Connection tracking -> Amanda backup protocol support CONFIG_IP_NF_AMANDA=y is the actual .config line I believe it considers replies from the clients as 'related established' packets, just like it does with FTP data port connctions. All that said, I haven't actually used it, since I had already started configuring and compiling Amanda with the portrange options, but supposedly it does work. Frank -- Frank Smith [EMAIL PROTECTED] Sr. Systems Administrator Voice: 512-374-4673 Hoover's Online Fax: 512-374-4501