on Tue Jul 16 [EMAIL PROTECTED] spoke forth with the blessed manuscript
> i'm sure someone has looked at this already. my internal server within
> my internal lan has been wrapped up with iptables. in and out is clearly
> defined on the box.
> amdump (amanda 2.4.2) appears to use specified ports (such as 10080,
> 10081, 10082, and 10083). BUT then the actual transfer of data seems
> to go over another port. these ports don't appear to be fixed and
> range quite a bit (different every time).
> any ideas as to how to handle this in iptables?

I actually just did this last night and whether it's correct or not here is what I did and it seems to work:

-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p udp -m udp --sport 10080 -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p udp -m udp --dport 10080 -j ACCEPT

--
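Added example, not part of the original message: a small Python matcher that evaluates the four posted rules against constructed flows, to show which Amanda traffic they cover and that a data connection on a varying port, as described in the question, matches none of them. It assumes these four rules are the only ACCEPTs in the chain and that the service names resolve as in a standard /etc/services; the function names and the sample addresses and ports in `FLOWS` are constructed for illustration.

```python
import ipaddress

# Amanda entries from a standard /etc/services (the numbers quoted in the question).
SERVICES = {"amanda": 10080, "kamanda": 10081, "amandaidx": 10082, "amidxtape": 10083}

# The four rules from the reply, verbatim (chain name as posted).
RULES = """\
-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p tcp -m tcp -m multiport --dports amandaidx,amidxtape -j ACCEPT
-A tcp_shi* -s 192.168.1.0/255.255.255.0 -p udp -m udp --sport 10080 -j ACCEPT
-A tcp_shi* -s 66.137.146.200/255.255.255.248 -p udp -m udp --dport 10080 -j ACCEPT
"""

def port(tok):
    """Resolve a service name or a numeric port."""
    return SERVICES[tok] if tok in SERVICES else int(tok)

def parse_rule(line):
    """Parse one iptables-save line; every option used here takes one argument."""
    toks = line.split()
    rule = {"src": None, "proto": None, "sports": None, "dports": None, "target": None}
    for opt, val in zip(toks[0::2], toks[1::2]):
        if opt == "-s":
            rule["src"] = ipaddress.ip_network(val)
        elif opt == "-p":
            rule["proto"] = val
        elif opt in ("--sport", "--sports"):
            rule["sports"] = {port(p) for p in val.split(",")}
        elif opt in ("--dport", "--dports"):
            rule["dports"] = {port(p) for p in val.split(",")}
        elif opt == "-j":
            rule["target"] = val
    return rule

def verdict(src, proto, sport, dport, rules=RULES):
    """Return the target of the first matching rule, or None if nothing matches."""
    for r in map(parse_rule, rules.strip().splitlines()):
        if (ipaddress.ip_address(src) in r["src"] and proto == r["proto"]
                and (r["sports"] is None or sport in r["sports"])
                and (r["dports"] is None or dport in r["dports"])):
            return r["target"]
    return None

# Constructed sample flows: (source address, protocol, source port, destination port).
FLOWS = [("192.168.1.20", "tcp", 40000, 10082), ("192.168.1.20", "udp", 10080, 850),
         ("192.168.1.20", "udp", 900, 10080), ("66.137.146.201", "udp", 900, 10080),
         ("192.168.1.20", "tcp", 40001, 35621)]  # last one: varying data port

if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, "->", verdict(*flow) or "no match (falls through to the rest of the chain)")
```

The unmatched flows make two things visible: the LAN UDP rule matches on source port 10080 while the external one matches on destination port 10080, and the data connection has to be admitted by some other rule in the ruleset.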