Re: [LARTC] iptables : Incoming mail and ping problem

From: Bartek Krajnik <bartek@bicom.pl>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] iptables : Incoming mail and ping problem
Date: Fri, 07 Feb 2003 14:14:47 +0000	[thread overview]
Message-ID: <marc-lartc-104462735601056@msgid-missing> (raw)
In-Reply-To: <marc-lartc-104453889815152@msgid-missing>

On Thu, Feb 06, 2003 at 07:38:54PM +0600, Shaheen Hossain wrote:
> Diff between File I ( iptablesRC ) and File II (iptablesRC.2). File I works for incoming mail. File II does not for incoming mail, neither does pinging to this server to its external interface NIC IP. 
> 
> I could not figure out what the difference in these port allowing, reject or accept commands which are keeping the in-coming mail from coming on a RH Linux 7.3. Please help. Thanks.
> 
> ------------------------------------------------------------------------------
> [shossain@mohican shossain]$ diff /home/admin/firewall/iptablesRC /home/admin/firewall/iptablesRC.2 |  more
> 162c162
> < $IPTABLES -A allowed -p TCP -j REJECT
> ---
> > $IPTABLES -A allowed -p TCP -j DROP
> 185,187c185,187
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 1503 -j allowed
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 3389 -j allowed
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 5001:65535 -j allowed
> ---
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 1500:65535 -j allowed
> 192,200c192,200
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 22 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 25 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 42 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 80 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 113 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 143 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 174 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 443 -j ACCEPT
> < $IPTABLES -A tcp_packets -p TCP -s 0/0 --source-port 5001:65535 -j ACCEPT
> ---
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 22 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 25 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 42 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 80 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 113 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 143 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 174 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 443 -j ACCEPT
> > $IPTABLES -A tcp_packets -p TCP -s 0/0 --sport 1500:65535 -j ACCEPT
> 262d261
> <
> 268d266
> <
Send both files, not differences.

-- 
GPG-Key:
   http://www.bartek.bicom.pl/public_key.txt
   pub  1024D/948DE45D 2002-12-12 Bartek Krajnik <bartek@bicom.pl>
   Primary key fingerprint: 95E9 8E2D 1801 7864 2244  6EAA 03E5 764D 948D E45D


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/