On Tue, 2009-06-23 at 21:52 +0200, Arno Lehmann wrote: > Hi, > > 23.06.2009 17:04, Dirk Bartley wrote: > > Sure, iptables allows for connection based rules as well as the old > > ipchains style rules based rules. > > > > So your probably using connection based rules like : > > iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT > > iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT > > > > just add something like > > > > iptables -A INPUT -p tcp --source fd_dmz_ipaddress --destination > > sd_internal_address --dport 9103 ACCEPT > > Yup. That should work. > > But back to your problem, Dirk: Have you tried the "heartbeat > interval" setting? That should generate some traffic so that the pix > doesn't time-out the seemingly stale connection.
Tried 2 different things and on of them fixed it. Added heartbeat interval = 90 to the file daemon in the dmz and also added "sysopt connection timewait" to the firewall. One of the two fixed it, well at least I got a good full backup last night. Thanks for the suggesion! Dirk > > Arno ------------------------------------------------------------------------------ _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users