View Single Post
  #5  
Old 22nd December 2012, 21:13
suntribe suntribe is offline
Junior Member
 
Join Date: Dec 2012
Location: Zagreb
Posts: 14
Thanks: 2
Thanked 1 Time in 1 Post
Default

Hi Falko, thanks for trying to help,


netstat -tap:
------------------------------------
Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost:imap2         *:*                     LISTEN      2086/couriertcpd
tcp        0      0 localhost:spamd         *:*                     LISTEN      1534/spamd.pid
tcp        0      0 *:sunrpc                *:*                     LISTEN      604/rpcbind
tcp        0      0 *:webmin                *:*                     LISTEN      2347/perl
tcp        0      0 localhost:720           *:*                     LISTEN      2240/famd
tcp        0      0 *:ssmtp                 *:*                     LISTEN      2212/master
tcp        0      0 sunzone.server.c:domain *:*                     LISTEN      1368/named
tcp        0      0 localhost:domain        *:*                     LISTEN      1368/named
tcp        0      0 *:smtp                  *:*                     LISTEN      2212/master
tcp        0      0 localhost:953           *:*                     LISTEN      1368/named
tcp        0      0 *:XXX                   *:*                     LISTEN      841/sshd
tcp        0      0 localhost:10023         *:*                     LISTEN      1518/postgrey.pid -
tcp        0      0 localhost:10024         *:*                     LISTEN      1411/amavisd (maste
tcp        0      0 localhost:10025         *:*                     LISTEN      2212/master
tcp        0      0 localhost:mysql         *:*                     LISTEN      1303/mysqld
tcp        0      0 *:submission            *:*                     LISTEN      2212/master
tcp        0      0 sunzone.server.co:XXX   xx.xxx.xxx.xx-dsl:54900 TIME_WAIT   -
tcp       55      0 localhost:59403         localhost:10025         CLOSE_WAIT  1532/amavisd (ch1-a
tcp        0    248 sunzone.server.co:XXX   xx.xxx.xxx.x-dsl:54921 ESTABLISHED 13275/sshd: user [p
tcp       55      0 localhost:59400         localhost:10025         CLOSE_WAIT  1531/amavisd (ch1-a
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      2108/couriertcpd
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN      604/rpcbind
tcp6       0      0 [::]:http               [::]:*                  LISTEN      2312/apache2
tcp6       0      0 [::]:ssmtp              [::]:*                  LISTEN      2212/master
tcp6       0      0 [::]:domain             [::]:*                  LISTEN      1368/named
tcp6       0      0 [::]:smtp               [::]:*                  LISTEN      2212/master
tcp6       0      0 ip6-localhost:953       [::]:*                  LISTEN      1368/named
tcp6       0      0 [::]:XXX                [::]:*                  LISTEN      841/sshd
tcp6       0      0 [::]:submission         [::]:*                  LISTEN      2212/master
iptables -L
---------------------------------
Code:
Chain INPUT (policy DROP)
target     prot opt source               destination
dynamic    all  --  anywhere             anywhere             ctstate INVALID,NEW
net2fw     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
Reject     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:INPUT:REJECT:"
reject     all  --  anywhere             anywhere            [goto]

Chain FORWARD (policy DROP)
target     prot opt source               destination
Reject     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:FORWARD:REJECT:"
reject     all  --  anywhere             anywhere            [goto]

Chain OUTPUT (policy DROP)
target     prot opt source               destination
fw2net     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
Reject     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:OUTPUT:REJECT:"
reject     all  --  anywhere             anywhere            [goto]

Chain Broadcast (2 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             ADDRTYPE match dst-type BROADCAST
DROP       all  --  anywhere             anywhere             ADDRTYPE match dst-type MULTICAST
DROP       all  --  anywhere             anywhere             ADDRTYPE match dst-type ANYCAST
DROP       all  --  anywhere             base-address.mcast.net/4

Chain Drop (1 references)
target     prot opt source               destination
           all  --  anywhere             anywhere
reject     tcp  --  anywhere             anywhere             tcp dpt:auth /* Auth */
Broadcast  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere             icmp fragmentation-needed /* Needed ICMP types */
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded /* Needed ICMP types */
Invalid    all  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere             multiport dports loc-srv,microsoft-ds /* SMB */
DROP       udp  --  anywhere             anywhere             udp dpts:netbios-ns:netbios-ssn /* SMB */
DROP       udp  --  anywhere             anywhere             udp spt:netbios-ns dpts:1024:65535 /* SMB */
DROP       tcp  --  anywhere             anywhere             multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */
DROP       udp  --  anywhere             anywhere             udp dpt:1900 /* UPnP */
NotSyn     tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere             udp spt:domain /* Late DNS Replies */

Chain Invalid (2 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             ctstate INVALID

Chain NotSyn (2 references)
target     prot opt source               destination
DROP       tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN

Chain Reject (3 references)
target     prot opt source               destination
           all  --  anywhere             anywhere
reject     tcp  --  anywhere             anywhere             tcp dpt:auth /* Auth */
Broadcast  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere             icmp fragmentation-needed /* Needed ICMP types */
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded /* Needed ICMP types */
Invalid    all  --  anywhere             anywhere
reject     udp  --  anywhere             anywhere             multiport dports loc-srv,microsoft-ds /* SMB */
reject     udp  --  anywhere             anywhere             udp dpts:netbios-ns:netbios-ssn /* SMB */
reject     udp  --  anywhere             anywhere             udp spt:netbios-ns dpts:1024:65535 /* SMB */
reject     tcp  --  anywhere             anywhere             multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */
DROP       udp  --  anywhere             anywhere             udp dpt:1900 /* UPnP */
NotSyn     tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere             udp spt:domain /* Late DNS Replies */

Chain dynamic (3 references)
target     prot opt source               destination

Chain eth0_fwd (0 references)
target     prot opt source               destination
dynamic    all  --  anywhere             anywhere             ctstate INVALID,NEW

Chain fw2net (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere

Chain logdrop (0 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere

Chain logreject (0 references)
target     prot opt source               destination
reject     all  --  anywhere             anywhere

Chain net2fw (1 references)
target     prot opt source               destination
dynamic    all  --  anywhere             anywhere             ctstate INVALID,NEW
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:pop3 /* POP3 */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:smtp /* SMTP */
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request /* Ping */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:webmin /* Webmin */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http /* Web */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https /* Web */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh /* SSH */
Drop       all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:net2fw:DROP:"
DROP       all  --  anywhere             anywhere

Chain reject (10 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             ADDRTYPE match src-type BROADCAST
DROP       all  --  base-address.mcast.net/4  anywhere
DROP       igmp --  anywhere             anywhere
REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
REJECT     icmp --  anywhere             anywhere             reject-with icmp-host-unreachable
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain shorewall (0 references)
target     prot opt source               destination
i configured shorewall to suit my needs and I think haven't locked myself out when I try to telnet to smtp port from outside, i get no response so i guess that no program is actually listening this port...

Last edited by suntribe; 23rd December 2012 at 01:00.
Reply With Quote