firewall ports not working
Alexander Dalloz
ad+lists at uni-x.org
Sat Jul 23 16:32:52 UTC 2005
Am Sa, den 23.07.2005 schrieb Eric Wagar um 15:52:
> > Please post the output of "service iptables status". What you posted in
> > your first mail was incomplete an probably hides the problem.
>
> The previous output was from what I thought the relevant file
> information from the /etc/sysconfig/iptables. But, the following output
> is the service output:
> Table: filter
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0
> limit: avg 2/sec burst 5
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> multiport sports 20,25
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> spts:2224:2225
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> multiport sports 8009,8080
>
> Chain RH-Firewall-1-INPUT (2 references)
> target prot opt source destination
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
> limit: avg 2/sec burst 5
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> multiport dports 21,80,6969
> ACCEPT tcp -- 209.25.194.144/28 209.25.194.144/28 tcp dpt:53
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> dpts:2224:2225
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> multiport dports 8009,8080
> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
> icmp-host-prohibited
Looks like it should allow traffic on port 25. If you switch down
iptables by running "service iptables stop" you are able to connect to
Postfix by using telnet to port 25 from another host? With iptables on
you can only reach port 25 on localhost?
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 18:30:54 up 7 days, 23:03, load average: 0.50, 0.60, 0.64
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050723/de101471/attachment-0001.sig>
More information about the fedora-list
mailing list