3rd January 2007, 01:34
lubod

continued from previous post:

postfix:

Quote:
#!/bin/sh -e
# Called when a new interface comes up
# Written by LaMont Jones <lamont@debian.org>

# don't bother to restart postfix when lo is configured.
if [ "$IFACE" = "lo" ]; then
    exit 0
fi

# If /usr isn't mounted yet, silently bail.
if [ ! -d /usr/lib/postfix ]; then
    exit 0
fi

RUNNING=""
# If master is running, force a queue run to unload any mail that is
# hanging around. Yes, sendmail is a symlink...
if [ -f /var/spool/postfix/pid/master.pid ]; then
    pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
    exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
    if [ "X$exe" = "Xmaster" ]; then
        RUNNING="y"
    fi
fi

# start or reload Postfix as needed
if [ ! -x /sbin/resolvconf ]; then
    f=/etc/resolv.conf
    if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
        exit 0
    fi
    if [ -n "$RUNNING" ]; then
        /etc/init.d/postfix reload >/dev/null 2>&1
    fi
fi

# If master is running, force a queue run to unload any mail that is
# hanging around. Yes, sendmail is a symlink...
if [ -n "$RUNNING" ]; then
    if [ -x /usr/sbin/sendmail ]; then
        /usr/sbin/sendmail -q >/dev/null 2>&1
    fi
fi

iptables.up.rules:

Quote:
# Generated by iptables-save v1.3.3 on Mon Dec 4 17:41:50 2006
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# Completed on Mon Dec 4 17:41:50 2006
# Generated by iptables-save v1.3.3 on Mon Dec 4 17:41:50 2006
*mangle
:PREROUTING ACCEPT [377:45945]
:INPUT ACCEPT [376:45893]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [463:372111]
:POSTROUTING ACCEPT [463:372111]
COMMIT
# Completed on Mon Dec 4 17:41:50 2006
# Generated by iptables-save v1.3.3 on Mon Dec 4 17:41:50 2006
*filter
:FORWARD DROP [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -o eth1 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT:
-A FORWARD -i eth1 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN:
-A OUTPUT -o eth1 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT:
-A INPUT -i eth1 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN:
# Internal LAN outbound
-A FORWARD -i eth0 -j ACCEPT
# Internal LAN loopback
-A FORWARD -i lo -j ACCEPT
# Internal LAN Existing connections
-A FORWARD -i eth1 -j ACCEPT
COMMIT
# Completed on Mon Dec 4 17:41:50 2006

I have a feeling it is portsentry, or at least something in the system set too strictly with regard to security, and therefore blocking what it considers suspicious activity.

This is listed under the portsentry portion of webmin:

Block TCP Probes: Yes (was No by default)
Block UDP Probes: same

Hosts to ignore traffic from:
127.0.0.1/32
0.0.0.0

I did not, to my knowledge, enter these numbers; either they were the defaults or some part of webmin created them in response to my configuration.