#1  
Old 14th August 2005, 10:02
davidg davidg is offline
Junior Member
 
Join Date: Jul 2005
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default Firewall problem

I can Telnet from localhost to port 25, but not from a remote computer. Also I can telnet on port 110 local and remote no problem. My server is behind a router, but the server is in a dmz so I do not think that is blocking. Also if I re-start the server I have to manually start the firewall from the ispconfig control panel. Thanks for your help.

I believe its a firewall issue. Here is the output from iptables -L

Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain PAROLE (9 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dpt:81
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:10000
ACCEPT udp -- anywhere anywhere udp dpt:domain
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (3 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Reply With Quote
Sponsored Links
  #2  
Old 14th August 2005, 11:24
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Quote:
Originally Posted by davidg
I can Telnet from localhost to port 25, but not from a remote computer. Also I can telnet on port 110 local and remote no problem. My server is behind a router, but the server is in a dmz so I do not think that is blocking. Also if I re-start the server I have to manually start the firewall from the ispconfig control panel. Thanks for your help.
The iptables output looks fine so far.

If you stop the ISPConfig firewall by executing

Code:
./bastille_firewall stop
in your init script directory, can you then reach port 25 from a remote computer?
Reply With Quote
  #3  
Old 14th August 2005, 12:14
davidg davidg is offline
Junior Member
 
Join Date: Jul 2005
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I stopped the firewall and could not login through telnet on port 25 from remote computer. Maybe its Postfix not working.

Thank you for your help.
Reply With Quote
  #4  
Old 14th August 2005, 13:09
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Quote:
Originally Posted by davidg
I stopped the firewall and could not login through telnet on port 25 from remote computer. Maybe its Postfix not working.

Thank you for your help.
Have you configured postfix to listen on all network interfaces?

execute:

Code:
postconf -e 'inet_interfaces = all'
then restart postfix:

Code:
/etc/init.d/postfix restart
Reply With Quote
  #5  
Old 14th August 2005, 13:15
davidg davidg is offline
Junior Member
 
Join Date: Jul 2005
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

yes postfix is configured to listen on all interfaces.
I restarted the server.
This worked before but I bet my provider is blocking port 25 now, I will find out on Monday if they are blocking port 25.

Thanks for your help.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Skype <-> Firewall leno Desktop Operation 5 3rd October 2008 02:56
DNS Config Problem bolinux Installation/Configuration 27 20th August 2005 16:12
Problem opening firewall port weedguy General 15 12th August 2005 01:05
Postfix Problem m u r Installation/Configuration 0 8th August 2005 19:12
Installation Problem _InFeCtOr Installation/Configuration 5 8th August 2005 15:34


All times are GMT +2. The time now is 01:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.