How to receive SMTP mail with iptables - sending works

sade_bhat_at_yahoo.com
Date: 06/07/05


Date: 7 Jun 2005 07:07:09 -0700

I have a mail server in a network with a Redhat Linux firewall. It is
connected to the internet with eth0 and to the local network with eth1.
The eth0 is connected to a Netgear wireless router which is connected
to the ADSL. I can send mail to the outside from the mail server, but
any mail sent to it from outside fails. The ADSL has a static IP
address.

I am listing the iptables rules here. I did search on the net and
changed all possible configs; still nothing seems to work. Browsing
from the network is working fine.
I will appreciate any help or pointers in the right direction.

The iptables rules (current) are:

IFWWW=eth0
IFMYNET=eth1
IPWWW=192.168.0.3
IPMYNET=192.168.10.2

/etc/rc.d/init.d/iptables stop
# Flush the filter and nat tables and delete user-defined chains
iptables -F
iptables -t nat -F
iptables --delete-chain
# Loopback traffic (OUTPUT matches on the outgoing interface, -o)
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -o lo -p all -j ACCEPT
# Reject TCP packets that do not carry option 2 (MSS)
iptables -A INPUT -p tcp --tcp-option ! 2 -j REJECT --reject-with tcp-reset
# Services accepted on the firewall itself
iptables -A INPUT -p tcp -i eth0 --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
# Replies to connections that are already tracked
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Forward inbound SMTP to the internal mail server
iptables -A FORWARD -p tcp --dport 25 --syn -m state --state NEW -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT \
  --to 192.168.10.5:25
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -A FORWARD -i $IFMYNET -j ACCEPT

# Enable IP forwarding (a space is needed between 1 and >)
echo 1 > /proc/sys/net/ipv4/ip_forward
/etc/rc.d/init.d/iptables save
/etc/rc.d/init.d/iptables start

I can telnet to the local mail server from the linux.

Thanks for any help.
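
Added example, not part of the original post: in a setup like the one described, the packet counter on the port-25 DNAT rule shows whether inbound connections reach the firewall's eth0 at all. The function names and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example. Function names and the sample counter output are constructed.
# Live use on the firewall (as root):
#   iptables -t nat -L PREROUTING -v -n -x | diagnose 25

# dnat_hits PORT: read the listing on stdin, print the summed packet counter
# of DNAT rules matching "tcp dpt:PORT", or "norule" if none is loaded.
# In the nat table only the first packet of a connection is counted, so the
# number is the count of new inbound connections seen.
dnat_hits() {
    awk -v port="$1" '
        $3 == "DNAT" && $4 == "tcp" {
            for (i = 10; i <= NF; i++)
                if ($i == ("dpt:" port)) { hits += $1; found = 1 }
        }
        END { if (found) print hits + 0; else print "norule" }'
}

# diagnose PORT: translate the counter into where to look next.
diagnose() {
    hits=$(dnat_hits "$1")
    case "$hits" in
        norule) echo "port $1: no DNAT rule loaded on this firewall" ;;
        0)      echo "port $1: rule loaded, 0 hits; no inbound SYN reached it, look upstream" ;;
        *)      echo "port $1: $hits new connections hit DNAT; look at FORWARD and the mail host" ;;
    esac
}

# Constructed listing: rule loaded, no inbound connection has matched it.
sample_idle() { cat <<'EOF'
Chain PREROUTING (policy ACCEPT 412 packets, 30118 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 DNAT       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 to:192.168.10.5:25
EOF
}

# Constructed listing: the same rule after 17 inbound connection attempts.
sample_hit() { cat <<'EOF'
Chain PREROUTING (policy ACCEPT 412 packets, 30118 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      17     1020 DNAT       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 to:192.168.10.5:25
EOF
}

sample_idle | diagnose 25
sample_hit  | diagnose 25
```

Reset the counters with iptables -t nat -Z before sending a test mail from outside, so the number reflects only that attempt.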


