View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000061 | bareos-core | General | public | 2013-02-09 09:42 | 2015-03-25 19:19 |
| Reporter | pstorz | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Platform | Linux | OS | any | OS Version | 3 |
| Product Version | 13.1.0 | ||||
| Fixed in Version | 13.1.0 | ||||
| Summary | 0000061: reverse data channel initialization | ||||
| Description | It would be nice if the initialization of the data channel could be reversed, so that the SD connects to the FD. This would make the network setup and firewalling much easier in many cases, and make tricks like ssh tunnels no longer necessary. For Example things like SDs being situated behind a NAT gateway would be no problem anymore. | ||||
| Tags | No tags attached. | ||||
| parent of | 0000227 | closed | directive Passive client not documented |
 |
TODO is creating a regression test. |
|
|
Fix committed to bareos master branch with changesetid 718. |
|
|
Fix committed to bareos2015 bareos-13.2 branch with changesetid 4274. |
|
|
Due to the reimport of the Github repository to bugs.bareos.org, the status of some tickets have been changed. These tickets will be closed again. Sorry for the noise. |
|
bareos: master c17a30e1 2013-05-04 21:13
Ported: N/A Details Diff |
Reverse data channel initialization It would be nice if the initialization of the data channel could be reversed, so that the SD connects to the FD. This would make the network setup and firewalling much easier in many cases, and make tricks like ssh tunnels no longer necessary. For Example things like SDs being situated behind a NAT gateway would be no problem anymore. We can also tag this as the firewall friendly solution. The default for all clients is still active mode e.g. FD contacts SD but when the DIR and SD are within a firewalled site and the FD is in a DMZ or out on the Internet you can define the client as a passive client and the DIR and SD will contact the FD so you have only socket connections being initiated from the secure site without the need for special resolving tricks (like a split DNS) and/or portforwarders on the firewall that tunnel the traffic from the DMZ or Internet to your SD. This passive mode is implemented for Backups, Restores and Verifies of Jobs. The Director checks the version of the client to make sure it supports the new passive protocol features. Fixes 0000061: reverse data channel initialization |
Affected Issues 0000061 |
|
| mod - src/stored/stored_conf.h | Diff File | ||
| mod - src/stored/stored_conf.c | Diff File | ||
| mod - src/stored/sd_cmds.c | Diff File | ||
| mod - src/stored/protos.h | Diff File | ||
| mod - src/stored/fd_cmds.c | Diff File | ||
| mod - src/stored/authenticate.c | Diff File | ||
| mod - src/stored/Makefile.in | Diff File | ||
| mod - src/include/jcr.h | Diff File | ||
| mod - src/filed/verify_vol.c | Diff File | ||
| add - src/filed/sd_cmds.c | Diff File | ||
| mod - src/filed/protos.h | Diff File | ||
| mod - src/filed/filed_conf.c | Diff File | ||
| mod - src/filed/filed.c | Diff File | ||
| mod - src/filed/authenticate.c | Diff File | ||
| mod - src/filed/Makefile.in | Diff File | ||
| mod - src/dird/verify.c | Diff File | ||
| mod - src/dird/ua_label.c | Diff File | ||
| mod - src/dird/sd_cmds.c | Diff File | ||
| mod - src/dird/restore.c | Diff File | ||
| mod - src/dird/fd_cmds.c | Diff File | ||
| mod - src/dird/dird_conf.h | Diff File | ||
| mod - src/dird/dird_conf.c | Diff File | ||
| mod - src/dird/dird.h | Diff File | ||
| mod - src/dird/bsr.c | Diff File | ||
| mod - src/dird/backup.c | Diff File | ||
|
bareos2015: bareos-13.2 2f80c5ec 2013-05-04 23:13 Ported: N/A Details Diff |
Reverse data channel initialization It would be nice if the initialization of the data channel could be reversed, so that the SD connects to the FD. This would make the network setup and firewalling much easier in many cases, and make tricks like ssh tunnels no longer necessary. For Example things like SDs being situated behind a NAT gateway would be no problem anymore. We can also tag this as the firewall friendly solution. The default for all clients is still active mode e.g. FD contacts SD but when the DIR and SD are within a firewalled site and the FD is in a DMZ or out on the Internet you can define the client as a passive client and the DIR and SD will contact the FD so you have only socket connections being initiated from the secure site without the need for special resolving tricks (like a split DNS) and/or portforwarders on the firewall that tunnel the traffic from the DMZ or Internet to your SD. This passive mode is implemented for Backups, Restores and Verifies of Jobs. The Director checks the version of the client to make sure it supports the new passive protocol features. Fixes 0000061: reverse data channel initialization |
Affected Issues 0000061 |
|
| mod - src/dird/backup.c | Diff File | ||
| mod - src/dird/bsr.c | Diff File | ||
| mod - src/dird/dird.h | Diff File | ||
| mod - src/dird/dird_conf.c | Diff File | ||
| mod - src/dird/dird_conf.h | Diff File | ||
| mod - src/dird/fd_cmds.c | Diff File | ||
| mod - src/dird/restore.c | Diff File | ||
| mod - src/dird/sd_cmds.c | Diff File | ||
| mod - src/dird/ua_label.c | Diff File | ||
| mod - src/dird/verify.c | Diff File | ||
| mod - src/filed/Makefile.in | Diff File | ||
| mod - src/filed/authenticate.c | Diff File | ||
| mod - src/filed/filed.c | Diff File | ||
| mod - src/filed/filed_conf.c | Diff File | ||
| mod - src/filed/protos.h | Diff File | ||
| add - src/filed/sd_cmds.c | Diff File | ||
| mod - src/filed/verify_vol.c | Diff File | ||
| mod - src/include/jcr.h | Diff File | ||
| mod - src/stored/Makefile.in | Diff File | ||
| mod - src/stored/authenticate.c | Diff File | ||
| mod - src/stored/fd_cmds.c | Diff File | ||
| mod - src/stored/protos.h | Diff File | ||
| mod - src/stored/sd_cmds.c | Diff File | ||
| mod - src/stored/stored_conf.c | Diff File | ||
| mod - src/stored/stored_conf.h | Diff File | ||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2013-02-09 09:42 | pstorz | New Issue | |
| 2013-02-09 10:30 | mvwieringen | Target Version | => 12.4.0 |
| 2013-02-09 10:30 | mvwieringen | Fixed in Version | => 12.4.0 |
| 2013-02-09 10:30 | mvwieringen | Severity | minor => feature |
| 2013-02-09 10:30 | mvwieringen | Description Updated | |
| 2013-03-17 16:36 | mvwieringen | Assigned To | => mvwieringen |
| 2013-03-17 16:36 | mvwieringen | Status | new => assigned |
| 2013-03-17 16:37 | mvwieringen | Product Version | => 13.1.0 |
| 2013-03-27 17:05 | mvwieringen | Changeset attached | => bareos master 1dce1de5 |
| 2013-03-27 17:05 | mvwieringen | Status | assigned => closed |
| 2013-03-27 17:05 | mvwieringen | Resolution | open => fixed |
| 2013-03-27 17:12 | mvwieringen | Assigned To | mvwieringen => |
| 2013-03-27 17:12 | mvwieringen | Fixed in Version | => 13.1.0 |
| 2013-05-24 12:52 | pstorz | Assigned To | => pstorz |
| 2013-05-24 12:52 | pstorz | Status | closed => resolved |
| 2013-07-04 13:07 | pstorz | Note Added: 0000488 | |
| 2013-07-11 09:01 |
|
Status | resolved => closed |
| 2013-07-11 09:01 |
|
Assigned To | pstorz => |
| 2013-08-13 03:12 |
|
Changeset attached | => bareos master c17a30e1 |
| 2013-08-13 03:12 |
|
Note Added: 0000601 | |
| 2013-08-13 03:12 |
|
Assigned To | => mvwieringen adm |
| 2013-08-13 03:12 |
|
Status | closed => resolved |
| 2013-08-13 09:20 |
|
Assigned To | mvwieringen adm => |
| 2013-08-13 09:20 |
|
Status | resolved => closed |
| 2013-10-11 16:52 | maik | Relationship added | parent of 0000227 |
| 2015-03-25 16:51 | mvwieringen | Changeset attached | => bareos2015 bareos-13.2 2f80c5ec |
| 2015-03-25 16:51 | mvwieringen | Note Added: 0001421 | |
| 2015-03-25 16:51 | mvwieringen | Status | closed => resolved |
| 2015-03-25 19:19 | joergs | Note Added: 0001578 | |
| 2015-03-25 19:19 | joergs | Status | resolved => closed |
