Backup failed with iptables

Laurent_Urrutia · September 3, 2018, 2:07pm

Hi All,

I use Urbackup since one years for save all data in my company.
Recently i’ve setting the security setting on my debian Backup server.
For this reason i’ve add the rules on iptables, set sudo and create admin account and install portsentry.
Just after that, all backup no longer worked
I’ve check all the rules but i’ve a same issue each time i want to start a backup

Server : Debian 7
Windows server : Win 2008, 2012 and 2016

Urbackup srv version : 2.2.10
Urbackup client version : 2.2.6

Iptables rules for Urbackup :

#UrBackup 
iptables -t filter -A OUTPUT -p udp --dport 35623 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 55413 -j ACCEPT 
iptables -t filter -A INPUT -p tcp --dport 55414 -j ACCEPT  
iptables -t filter -A INPUT -p tcp --dport 55415 -j ACCEPT

Firewall rules for each clients :

Clients logs :

2018-08-30 01:02:28: ERROR: FileSrv: Could not open file \?\F:. Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. (code: 32)
2018-08-30 01:02:28: ERROR: FileSrv: Could not open file \?\F:. Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. (code: 32)
2018-08-30 15:34:19: ERROR: Recvfrom error in CUDPThread::UdpStep
2018-08-30 15:34:19: ERROR: Last error: 10058
2018-09-03 10:57:34: ERROR: Recvfrom error in CUDPThread::UdpStep
2018-09-03 10:57:34: ERROR: Last error: 10058
2018-09-03 13:26:33: ERROR: Recvfrom error in CUDPThread::UdpStep
2018-09-03 13:26:33: ERROR: Last error: 10058

Server logs :

2018-09-03 13:33:14: ERROR: Backing up System Reserved (SYSVOL) partition failed. Image backup failed
2018-09-03 13:33:14: ERROR: Backup failed
2018-09-03 13:33:15: ERROR: Sending broadcast failed!
2018-09-03 13:33:15: ERROR: Sending broadcast failed!
2018-09-03 13:33:15: WARNING: Exponential backoff: Waiting at least 40m before next image backup
2018-09-03 13:33:25: WARNING: Connecting to ClientService of “TOUSRVC10” failed: Sending logdata to client failed
2018-09-03 13:33:46: ERROR: Connecting to ClientService of “Rip-Xitron” failed: Getting MBR for drive SYSVOL failed
2018-09-03 13:33:56: ERROR: Connecting to “Rip-Xitron” for image backup failed
2018-09-03 13:33:56: ERROR: Error opening file ‘/media/TOUNAS02/BACKUPS/HP-ESKO6800-2/171015-2046_Image_SYSVOL/Image_SYSVOL_171015-2046.vhdz’
2018-09-03 13:33:56: ERROR: Error opening file ‘/media/TOUNAS02/BACKUPS/HP-ESKO6800-2/171015-2047_Image_C/Image_C_171015-2047.vhdz’
2018-09-03 13:33:56: ERROR: Error opening file ‘/media/TOUNAS02/BACKUPS/HP-ESKO6800-2/171015-2153_Image_D/Image_D_171015-2153.vhdz’

Nmap :

Starting Nmap 6.00 ( http://nmap.org ) at 2018-09-03 16:03 CEST
sendto in send_ip_packet_sd: sendto(4, packet, 28, 0, 10.30.0.117, 16) => Operation not permitted
Offending packet: UDP 10.30.0.122:34771 > 10.30.0.117:35623 ttl=55 id=35047 iplen=28
sendto in send_ip_packet_sd: sendto(4, packet, 28, 0, 10.30.0.117, 16) => Operation not permitted
Offending packet: UDP 10.30.0.122:34772 > 10.30.0.117:35623 ttl=38 id=17160 iplen=28
Nmap scan report for 10.30.0.117
Host is up (0.00027s latency).
PORT STATE SERVICE
35623/udp open|filtered unknown
MAC Address: 80:18:44:E2:51:60 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.41 seconds

For the moment if i stop firewall on debian server i can backup all the client
Have you an idea where the problem come from ? I’ve forgot to add a port in iptables rules ?
Thank’s for your help

Laurent_Urrutia · September 4, 2018, 12:01pm

return of shell isof

LU40468@TOUBAK01:~$ sudo lsof -i |grep urbackup
urbackups 32318 urbackup 6u IPv4 1083716 0t0 TCP *:55414 (LISTEN)
urbackups 32318 urbackup 29u IPv4 1088196 0t0 UDP 10.30.0.117:35623
urbackups 32318 urbackup 30u IPv4 1088197 0t0 UDP 10.1.1.3:35623
urbackups 32318 urbackup 40u IPv4 1083745 0t0 TCP *:55413 (LISTEN)

Laurent_Urrutia · September 4, 2018, 1:03pm

I’ve restart a full backup with log level debug for server and client
Step by step : Descativate firewall → start full backup = ok → Reactivate firewall → Start full backup = Nok

Server log :

2018-09-04 14:17:31: Starting unscheduled full image backup of volume “ESP”…
2018-09-04 14:17:31: Request of EFI System Partition failed. Reason: Not found
2018-09-04 14:17:31: Transferred 139 bytes - Average speed: 74.128 KBit/s
2018-09-04 14:17:31: Script does not exist urbackup/post_full_imagebackup
2018-09-04 14:17:31: msg=WAKEUP
2018-09-04 14:17:32: Backing up EFI System Partition done.
2018-09-04 14:17:32: Basing image backup on last full image backup
2018-09-04 14:17:32: msg=WAKEUP
2018-09-04 14:17:39: WARNING: Error sending mail to “laurent.urrutia@eurostampa.com”. Failure when receiving data from the peer(ec=56), . Retrying in 30m
2018-09-04 14:17:46: Starting passive WAL checkpoint of urbackup/backup_server.db…
2018-09-04 14:17:56: Passive WAL checkpoint of urbackup/backup_server.db completed busy=0 checkpointed=35269 log=35269
2018-09-04 14:17:56: Syncing database urbackup/backup_server.db…
2018-09-04 14:17:56: Syncing wal file urbackup/backup_server.db-wal…
2018-09-04 14:17:56: Files WAL file urbackup/backup_server.db-wal greater than 100 MB. Doing full WAL checkpoint…
2018-09-04 14:17:56: Full checkpoint of urbackup/backup_server.db-wal done.
2018-09-04 14:18:00: Resetting channel to Serveur2008 because session identity changed.
2018-09-04 14:18:00: Resetting channel to TOUSRVC10 because session identity changed.
2018-09-04 14:18:00: Resetting channel to Rip-Xitron because session identity changed.
2018-09-04 14:18:00: Resetting channel to TOUPRI10 because session identity changed.
2018-09-04 14:18:02: Resetting channel to TOUSAGE10 because session identity changed.
2018-09-04 14:24:48: Looking for old Sessions… 3 sessions
2018-09-04 14:25:00: WARNING: Error sending mail to “laurent.urrutia@eurostampa.com”. Failure when receiving data from the peer(ec=56), . Retrying in 30m
2018-09-04 14:25:05: Starting passive WAL checkpoint of urbackup/backup_server.db…
2018-09-04 14:25:12: Passive WAL checkpoint of urbackup/backup_server.db completed busy=0 checkpointed=35170 log=35170
2018-09-04 14:25:12: Syncing database urbackup/backup_server.db…
2018-09-04 14:25:12: Syncing wal file urbackup/backup_server.db-wal…
2018-09-04 14:25:12: Files WAL file urbackup/backup_server.db-wal greater than 100 MB. Doing full WAL checkpoint…
2018-09-04 14:25:12: Full checkpoint of urbackup/backup_server.db-wal done.
2018-09-04 14:27:53: Trim beyond drivesize (drivesize: 135839350272 trim to 135839350784). Trimming less…
2018-09-04 14:27:54: Transferred 3.58752 GB - Average speed: 49.4971 MBit/s
2018-09-04 14:27:54: Script does not exist urbackup/post_incr_imagebackup
2018-09-04 14:27:54: Time taken for backing up client TOUSAGE10: 10m 50s
2018-09-04 14:27:54: Backup succeeded
2018-09-04 14:27:54: Updating statistics…
2018-09-04 14:27:54: Updating image stats…
2018-09-04 14:27:55: Updating file statistics…
2018-09-04 14:27:55: msg=WAKEUP
2018-09-04 14:27:55: Done updating statistics.
2018-09-04 14:28:17: ERROR: Sending broadcast failed!
2018-09-04 14:28:17: ERROR: Sending broadcast failed!
2018-09-04 14:28:23: msg=START IMAGE INCR
2018-09-04 14:28:23: Cannot do image backup because internet_no_images=true
2018-09-04 14:28:23: Starting unscheduled incremental image backup of volume “C:”…
2018-09-04 14:28:23: Backing up SYSVOL…
2018-09-04 14:28:23: Starting unscheduled full image backup of volume “SYSVOL”…
2018-09-04 14:28:26: Sending file “/usr/share/urbackup/www/images/indicator.gif”
2018-09-04 14:28:26: Sending file: /usr/share/urbackup/www/images/indicator.gif
2018-09-04 14:28:26: Sending file: /usr/share/urbackup/www/images/indicator.gif done
> 2018-09-04 14:28:33: ERROR: Connecting to ClientService of “TOUSAGE10” failed: Getting MBR for drive SYSVOL failed
> 2018-09-04 14:28:33: Connecting to ClientService of “TOUSAGE10” failed: Error sending ‘running’ (2) ping to client
> 2018-09-04 14:28:33: Error sending ‘running’ (3) ping to client
2018-09-04 14:28:43: ERROR: Connecting to “TOUSAGE10” for image backup failed
2018-09-04 14:28:44: ERROR: Backing up System Reserved (SYSVOL) partition failed. Image backup failed
2018-09-04 14:28:44: Time taken for backing up client TOUSAGE10: 21s
2018-09-04 14:28:44: ERROR: Backup failed
2018-09-04 14:28:44: msg=WAKEUP
2018-09-04 14:28:45: msg=WAKEUP
2018-09-04 14:28:45: WARNING: Exponential backoff: Waiting at least 40m before next image backup
2018-09-04 14:28:53: Connecting to ClientService of “TOUSAGE10” failed: Error sending ‘running’ (2) ping to client
2018-09-04 14:28:53: Error sending ‘running’ (3) ping to client
2018-09-04 14:28:55: WARNING: Connecting to ClientService of “TOUSAGE10” failed: Sending logdata to client failed
2018-09-04 14:29:07: ERROR: Sending broadcast failed!
2018-09-04 14:29:07: ERROR: Sending broadcast failed!

Log client :

2018-09-04 14:27:55: ClientService cmd: #IP7RJH7Gh5mplK5I6TWpy#2LOGDATA 1536064074 0-1536063424-Starting unscheduled incremental image backup of volume “C:”…
0-1536063452-Basing image backup on last full image backup
0-1536064074-Transferred 3.58752 GB - Average speed: 49.4971 MBit/s
0-1536064074-Time taken for backing up client TOUSAGE10: 10m 50s
0-1536064074-Backup succeeded

2018-09-04 14:27:55: rc=0 hasError=true state=0
2018-09-04 14:27:55: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:27:56: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:27:57: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:27:58: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:27:59: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:28:00: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:28:01: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:28:02: ClientService cmd: PONG
2018-09-04 14:28:02: ClientService cmd: STATUS DETAIL#pw=
2018-09-04 14:28:03: rc=0 hasError=true state=0
2018-09-04 14:28:03: ClientService cmd: STATUS DETAIL#pw=

Laurent_Urrutia · September 4, 2018, 3:51pm

Next, i’ve reinstall urbackup client on one server without success

Complete iptables rules :

LU40468@TOUBAK01:~$ Chain INPUT (policy num pkts bytes target 1 11987 34M ACCEPT 2 0 0 ACCEPT 3 0 0 ACCEPT 4 0 0 ACCEPT 5 0 0 ACCEPT 6 0 0 ACCEPT 7 0 0 ACCEPT 8 0 0 ACCEPT 9 0 0 ACCEPT 10 1 78 ACCEPT 11 0 0 ACCEPT 12 0 0 ACCEPT 13 0 0 ACCEPT 14 0 0 ACCEPT 15 0 0 ACCEPT 16 0 0 ACCEPT 17 0 0 ACCEPT 18 0 0 ACCEPT 19 0 0 ACCEPT 20 0 0 ACCEPT 21 0 0 ACCEPT 22 0 0 ACCEPT sudo iptables -nL -v --line-numbers
DROP 7 packets, 1489 bytes)
prot opt in out source destination
all – * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
all – lo * 0.0.0.0/0 0.0.0.0/0
all – bond0 * 0.0.0.0/0 0.0.0.0/0
icmp – * * 0.0.0.0/0 0.0.0.0/0
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:548
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:55413
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:55414
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3260
udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:3260
tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12489
udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:161
udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:162

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 8279 28M ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 0 0 ACCEPT all – * lo 0.0.0.0/0 0.0.0.0/0
3 0 0 ACCEPT all – * bond0 0.0.0.0/0 0.0.0.0/0
4 0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0
5 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
6 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
7 0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
8 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
9 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
10 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:548
11 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
12 0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:35623
13 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3260
14 0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:3260
15 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12489
16 0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:161
17 0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:162
18 0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123

ifconfig

LU40468@TOUBAK01:~$ sudo ifconfig
bond0: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST> mtu 1500
inet 10.1.1.3 netmask 255.255.255.0 broadcast 10.1.1.255
inet6 fe80::8218:44ff:fee2:5161 prefixlen 64 scopeid 0x20
ether 80:18:44:e2:51:61 txqueuelen 1000 (Ethernet)
RX packets 59216364 bytes 69599472159 (64.8 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 147844200 bytes 207356584096 (193.1 GiB)
TX errors 0 dropped 3 overruns 0 carrier 0 collisions 0

eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.30.0.117 netmask 255.255.248.0 broadcast 10.30.7.255
inet6 fe80::8218:44ff:fee2:5160 prefixlen 64 scopeid 0x20
ether 80:18:44:e2:51:60 txqueuelen 1000 (Ethernet)
RX packets 234485889 bytes 304708580632 (283.7 GiB)
RX errors 0 dropped 461 overruns 0 frame 0
TX packets 92123553 bytes 59480081912 (55.3 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 32

eno2: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST> mtu 1500
ether 80:18:44:e2:51:61 txqueuelen 1000 (Ethernet)
RX packets 59130563 bytes 69588485999 (64.8 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4458 bytes 509184 (497.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 52

eno3: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST> mtu 1500
ether 80:18:44:e2:51:61 txqueuelen 1000 (Ethernet)
RX packets 85801 bytes 10986160 (10.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 147839742 bytes 207356074912 (193.1 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 54

eno4: flags=6147<UP,BROADCAST,SLAVE,MULTICAST> mtu 1500
ether 80:18:44:e2:51:61 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 55

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1 (Boucle locale)
RX packets 303857 bytes 33750978 (32.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 303857 bytes 33750978 (32.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0