Re: Iptables, tcpdump and smtp... Hmmm
From: Karl Heyes (karl_heyes@removethisbit.lineone.net)Date: 12/21/01
- Next message: Michael Erskine: "Re: looks like a worm to me."
- Previous message: Sangwon So: "Re: Can't "su""
- In reply to: Edoardo Costa: "Iptables, tcpdump and smtp... Hmmm"
- Next in thread: Sangwon So: "Re: Iptables, tcpdump and smtp... Hmmm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Karl Heyes <karl_heyes@removethisbit.lineone.net> Date: Fri, 21 Dec 2001 00:13:19 +0000
On Thu, 20 Dec 2001 22:43:45 +0000, Edoardo Costa wrote:
> Hi all,
> I got a little problem with my fw and I can't figure out what's wrong.
>
> I opened it up (smtp) to make sure I could send my mail:
>
> $ipt -A INPUT -v -p TCP --dport 25 -j ACCEPT
> $ipt -A OUTPUT -v -p TCP --dport 25 -j ACCEPT
>
> (short term sollution ;)
>
> My mail still doesn't go out!
> I ran a tcp dump with the firewall activated and one without. The
> mail only goes out *without* the firewall and the only difference I
> can find in the tcpdump log is that the mal isn't pushed (P flag).
>
> Can anyone tell me what I'm restricting?
The SMTP server is trying to talk to your machine on port some high
number port eg 1052 in the snapshot, and the firewall is disallowing
it.
$ipt -A INPUT -p tcp --sport smtp -i ppp0 -j ACCEPT
That will allow the remote box to connect in. You want to state the
source IP but yahoo use various servers.
karl.
- Next message: Michael Erskine: "Re: looks like a worm to me."
- Previous message: Sangwon So: "Re: Can't "su""
- In reply to: Edoardo Costa: "Iptables, tcpdump and smtp... Hmmm"
- Next in thread: Sangwon So: "Re: Iptables, tcpdump and smtp... Hmmm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
