How to receive SMTP mail with iptables - sending works
Date: 06/07/05

Date: 7 Jun 2005 07:07:09 -0700

I have a mail server in a network with a Redhat Linux firewall. It is
connected to the Internet with eth0 and to the local network with eth1. The eth0
interface is connected to a Netgear wireless router, which is connected to the ADSL.
I can send mail to the outside from the mail server. But any mail sent to
it from outside fails. The ADSL has a static IP address.

I am listing the iptables rules here. I did search on the net and
changed all possible configs; still nothing seems to work. Browsing from
the network is working fine.
I will appreciate any help or pointers in the right direction.

The iptables rules (current) are:


/etc/rc.d/init.d/iptables stop
iptables -F
iptables -t nat FLUSH
iptables --delete-chain
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -i lo -p all -j ACCEPT
iptables -A INPUT -p tcp --tcp-option !2 -j REJECT --reject-with
iptables -A INPUT -p tcp -i eth0 --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p tcp -dport 25 --syn -m state --state NEW -j
iptables -t nat -A PREROUTING -i eth0 -p tcp -dport 25 -j DNAT \
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE


echo 1> /proc/sys/net/ipv4/ip_forward
/etc/rc.d/init.d/iptables save
/etc/rc.d/init.d/iptables start

I can telnet to the local mail server from the linux.

Thanks for any help.
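
Added example, not part of the original post: a small static lint that flags command-line mistakes iptables and the shell would reject or misread, run over nine lines copied from the rules above. The function names lint_rules and posted_rules are made up for this example, and a line reported as incomplete may simply have been cut off when the post was archived.

```shell
#!/bin/sh
# Added example: static lint for iptables command lines. Nothing is loaded
# into the kernel, so it needs no root. Prints "<input line>: <finding>".
lint_rules() {
    awk '
    function warn(msg) { printf "%d: %s\n", NR, msg }
    # A digit glued to ">" is a file-descriptor number, so "echo 1> f"
    # runs echo with no argument and writes only a newline to f.
    /^echo +[0-9]+>/ { warn("digit before > is an fd number; use \"echo 1 > file\"") }
    $1 != "iptables" { next }
    {
        chain = ""; has_cmd = 0
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^-[ACDIRSFLZNXPE]$/ || $i ~ /^--(append|delete|insert|flush|delete-chain|policy|list)$/)
                has_cmd = 1
            if ($i == "-A" || $i == "-I") chain = $(i + 1)
            # Long options take two dashes; "-dport" is parsed as "-d port".
            if ($i ~ /^-[a-z][a-z-]+$/)
                warn("\"" $i "\" needs two dashes")
            # -i matches only where a packet has an input interface, -o an output one.
            if ($i == "-i" && chain ~ /^(OUTPUT|POSTROUTING)$/)
                warn("-i cannot be used in " chain "; use -o")
            if ($i == "-o" && chain ~ /^(INPUT|PREROUTING)$/)
                warn("-o cannot be used in " chain "; use -i")
        }
        if (!has_cmd) warn("no command option such as -A or -F")
        # A trailing backslash or a value-taking option at the end means a cut-off line.
        if ($NF == "\\" || $NF ~ /^(-[jpiosdmt]|--(reject-with|dport|sport|state|to-destination))$/)
            warn("incomplete as shown: ends with \"" $NF "\"")
    }'
}

# Nine lines copied from the post above, in their posted order.
posted_rules() {
    cat <<'EOF'
iptables -t nat FLUSH
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -i lo -p all -j ACCEPT
iptables -A INPUT -p tcp --tcp-option !2 -j REJECT --reject-with
iptables -A INPUT -p tcp -i eth0 --dport 25 -j ACCEPT
iptables -A FORWARD -p tcp -dport 25 --syn -m state --state NEW -j
iptables -t nat -A PREROUTING -i eth0 -p tcp -dport 25 -j DNAT \
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1> /proc/sys/net/ipv4/ip_forward
EOF
}

posted_rules | lint_rules
```

The numbers in the output count lines of the embedded sample, not lines of the full script in the post.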
