SLUG Mailing List Archives

Re: [SLUG] firewall blocking telnet to smtp port


Thanks Malcolm,

I overlooked the fact that all the new rules I was adding were below the "drop/log all" section. Once I changed this, all was fine ahhh.

Regards
Anthony


From: Malcolm V <farkit@xxxxxxxxxxxxxx>
To: Sydney Linux Users Group Mailing List <slug@xxxxxxxxxxx>
Subject: Re: [SLUG] firewall blocking telnet to smtp port
Date: 10 Oct 2002 00:14:03 +1000

On Wed, 2002-10-09 at 23:30, Anthony Gray wrote:
<snipped>
> Chain INPUT (policy DROP)
> target     prot opt source               destination
<snipped>
> firewall   icmp --  anywhere             anywhere
> firewall   tcp  --  anywhere             anywhere           tcp flags:SYN,RST,ACK/SYN
> firewall   udp  --  anywhere             anywhere
Everything below this in the INPUT chain will never be reached; this
catches everything, logs it and drops it.

> ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:smtp flags:SYN,RST,ACK/SYN
There should be no need to use these flags; in fact, I think this will
prevent normal traffic to this port which isn't an initial connection.

When you try to telnet in from the machine itself, is it appearing in
the logs with a source address of 127.0.0.1 or the network IP (which is
not explicitly "unblocked" due to a failure to resolve the name)?

Cheers,
Malcolm V.

--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
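
Added example (not part of the original thread): a small Python model of first-match rule evaluation, showing why the ACCEPT rule placed below the log/drop rules never fired, and what the SYN-only flag match does once the rule is moved up. The Rule class, packet dictionaries and chain names are constructed for illustration, and the model assumes no other rule (for example in the snipped part of the listing) accepts established connections.

```python
# Constructed model of an INPUT chain; this is not iptables syntax or output.
from dataclasses import dataclass
from typing import Optional

MASK = {"SYN", "RST", "ACK"}     # flags examined by "flags:SYN,RST,ACK/SYN"

@dataclass(frozen=True)
class Rule:
    target: str                  # "ACCEPT", or "firewall" (user chain: log, then drop)
    proto: str
    dport: Optional[int] = None  # None matches any destination port
    syn_only: bool = False       # of the masked flags, only SYN may be set

    def matches(self, pkt: dict) -> bool:
        if pkt["proto"] != self.proto:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        if self.syn_only and set(pkt.get("flags", ())) & MASK != {"SYN"}:
            return False
        return True

def verdict(chain, pkt, policy="DROP"):
    """First matching rule decides; otherwise the chain policy applies."""
    for rule in chain:
        if rule.matches(pkt):
            return "DROP" if rule.target == "firewall" else rule.target
    return policy

# The three log/drop rules from the quoted listing.
CATCH_ALL = [Rule("firewall", "icmp"),
             Rule("firewall", "tcp", syn_only=True),
             Rule("firewall", "udp")]
SMTP_SYN = Rule("ACCEPT", "tcp", dport=25, syn_only=True)
SMTP_ANY = Rule("ACCEPT", "tcp", dport=25)

# Constructed packets: the opening SYN of an SMTP session and a later ACK segment.
SYN = {"proto": "tcp", "dport": 25, "flags": {"SYN"}}
ACK = {"proto": "tcp", "dport": 25, "flags": {"ACK"}}

CHAINS = {
    "original":  CATCH_ALL + [SMTP_SYN],   # ACCEPT below the log/drop rules
    "reordered": [SMTP_SYN] + CATCH_ALL,   # ACCEPT moved up, flag match kept
    "no_flags":  [SMTP_ANY] + CATCH_ALL,   # ACCEPT moved up, flag match removed
}

def report():
    """Map each chain name to its (SYN verdict, ACK verdict) pair."""
    return {n: (verdict(c, SYN), verdict(c, ACK)) for n, c in CHAINS.items()}

if __name__ == "__main__":
    for name, (syn, ack) in report().items():
        print(f"{name:10s} SYN -> {syn:6s}  ACK -> {ack}")
```

In this model the original ordering drops both packets, moving the rule up lets the SYN through while the later ACK still falls to the DROP policy, and removing the flag match accepts both.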



