From: dave <dave@dtracorp.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: fc4 iptables blocking yum and smtp (postfix)
Date: Sun, 30 Apr 2006 16:03:51 +1000 [thread overview]
Message-ID: <44545347.6000206@dtracorp.com> (raw)
In-Reply-To: <44544CF0.20404@zoomnet.ro>
Alexandru Dragoi wrote:
> dave wrote:
>
>
>> hi all
>>
>> ok, i know this is an iptables issue, because both yum and smtp work
>> when i turn iptables off
>>
>> i don't really have any idea when it comes to server level stuff, so i
>> really need someone to help me out here
>>
>> i have been told that it has something to do with ESTABLISHED,RELATED
>> settings that i need to add (but don't know what i need to do)
>>
>> my iptables listed below
>>
>> thanks
>> dave
>>
>> [code]
>> # Generated by iptables-save v1.3.0 on Tue Apr 11 23:20:05 2006
>> *filter
>> :FORWARD ACCEPT [0:0]
>> :INPUT DROP [0:0]
>> :OUTPUT ACCEPT [0:0]
>> -A INPUT -p tcp -m tcp -m multiport -j ACCEPT --dports 22,10000
>> -A INPUT -p tcp -m tcp -m multiport -j ACCEPT --dports
>> 20,21,25,80,110,143,443,993,995,3306
>> -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 53,123
>> #-A INPUT -p udp -m udp --sport 53 -j ACCEPT
>> # Localhost traffic
>> -A INPUT -i lo -j ACCEPT
>> COMMIT
>> # Completed on Tue Apr 11 23:20:05 2006
>> # Generated by iptables-save v1.3.0 on Tue Apr 11 23:20:05 2006
>> *mangle
>> :FORWARD ACCEPT [0:0]
>> :INPUT ACCEPT [247924:148337622]
>>
>> :OUTPUT ACCEPT [203797:85733410]
>> :POSTROUTING ACCEPT [203797:85733410]
>> :PREROUTING ACCEPT [273515:151663480]
>> COMMIT
>> # Completed on Tue Apr 11 23:20:05 2006
>> # Generated by iptables-save v1.3.0 on Tue Apr 11 23:20:05 2006
>> *nat
>> :OUTPUT ACCEPT [3330:227736]
>> :POSTROUTING ACCEPT [3330:227736]
>> :PREROUTING ACCEPT [41038:5544645]
>> COMMIT
>> # Completed on Tue Apr 11 23:20:05 2006
>> [/code]
>>
>>
>>
> Try adding
> -A INPUT -p tcp -m tcp -m multiport -j ACCEPT --sports 22,10000
> -A INPUT -p tcp -m tcp -m multiport -j ACCEPT --sports
> 20,21,25,80,110,143,443,993,995,3306
>
>
thanks, that seems to have done the trick
prev parent reply other threads:[~2006-04-30 6:03 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-04-30 5:03 fc4 iptables blocking yum and smtp (postfix) dave
2006-04-30 5:36 ` Alexandru Dragoi
2006-04-30 6:03 ` dave [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44545347.6000206@dtracorp.com \
--to=dave@dtracorp.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.