AR15.COM
5/8/2010 7:23:47 PM EDT
I'm pulling my hair out here and could really use some help.  I've got a CentOS 5 computer that I'm trying to setup with postfix and dovecot for authenticated relay.



I think I've got it setup, but I'm having problems with IPTables.  Here's what I've got now:



# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited





To me, the line "ACCEPT     all  --  anywhere             anywhere" really seems wrong, but that isn't in /etc/sysconfig/iptables



Also, I'm not able to even telnet 127.0.0.1 25



What am I doing wrong?



Thanks

5/8/2010 7:44:08 PM EDT
[#1]
Turns out I had a postfix config problem that was causing the inability to connect to the SMTP server.  I would still love to know if that allow rule is correct though.



Thanks
5/8/2010 7:45:44 PM EDT
[#2]
Are you running a mail server? 'Cause port 25 is the SMTP server



Edit: Never mind, answered, I was too slow





 
5/8/2010 7:50:25 PM EDT
[#3]



Quoted:
Are you running a mail server? 'Cause port 25 is the SMTP server

Edit: Never mind, answered, I was too slow


 


I'm trying to.  




I'm so much better with Exchange, but this relay needs to be on Linux.



 
5/8/2010 7:51:53 PM EDT
[#4]
They look alright. It's allowing ftp, http, https, ssh, smtp from anywhere.





-Foxxz
5/8/2010 7:55:12 PM EDT
[#5]
Can you do an iptables -L -n -v?
You are missing some details that may be important.
5/8/2010 7:55:59 PM EDT
[#6]





Quoted:
Can you do an iptables -L -n -v?
You are missing some details that may be important.



~]# iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   61  5608 fail2ban-SSH  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22
   95 10668 RH-Firewall-1-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RH-Firewall-1-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 97 packets, 10789 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:21
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    3   149 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 255
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            224.0.0.251         udp dpt:5353
   91 10471 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    1    48 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain fail2ban-SSH (1 references)
 pkts bytes target     prot opt in     out     source               destination
   61  5608 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
Thanks





 
5/8/2010 7:59:35 PM EDT
[#7]
So your allow any/any rule is limited to the loopback interface.
I don't like using the same rulebase for INPUT and FORWARD, but it should work fine.  Some people prefer to DROP rather than reject-with, personal pref IMO.
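An added check (not code from this thread) for the point made in the last two posts: plain `iptables -L` hides the `in`/`out` interface columns, so an "ACCEPT all anywhere anywhere" line only looks unrestricted until `-v` shows it is bound to `lo`. The sample listing is constructed from the verbose output posted above; the function names are assumptions of this example.

```python
# Added example: parse `iptables -L -n -v` output and flag ACCEPT-all rules
# that are NOT bound to the loopback interface and carry no extra match.
# SAMPLE is constructed from the listing posted in this thread.
SAMPLE = """\
Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               destination
    3   149 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
   91 10471 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
Chain fail2ban-SSH (1 references)
 pkts bytes target     prot opt in     out     source               destination
   61  5608 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
"""


def parse_verbose_listing(text):
    """Turn `iptables -L -n -v` text into a list of rule dicts (hypothetical helper)."""
    rules, chain = [], None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "Chain":
            chain = fields[1]            # e.g. RH-Firewall-1-INPUT
            continue
        if fields[0] == "pkts" or len(fields) < 9:
            continue                     # column header or unexpected line
        # columns: pkts bytes target prot opt in out source destination [match ...]
        _pkts, _bytes, target, prot, _opt, in_if, out_if, src, dst = fields[:9]
        rules.append({"chain": chain, "target": target, "prot": prot,
                      "in": in_if, "out": out_if, "src": src, "dst": dst,
                      "match": " ".join(fields[9:])})
    return rules


def find_open_accepts(rules):
    """ACCEPT rules for every protocol and source that are neither bound to
    `lo` nor narrowed by a state/port match. Plain `iptables -L` prints these
    as 'ACCEPT all anywhere anywhere', identical to the harmless loopback rule."""
    return [r for r in rules
            if r["target"] == "ACCEPT" and r["prot"] == "all"
            and r["src"] == "0.0.0.0/0" and r["in"] != "lo" and not r["match"]]


if __name__ == "__main__":
    for r in find_open_accepts(parse_verbose_listing(SAMPLE)):
        print("unrestricted accept in chain", r["chain"])
```

On the thread's ruleset the check reports nothing, because the only interface-unbound ACCEPT-all rule is limited by `state RELATED,ESTABLISHED`.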
5/8/2010 8:11:58 PM EDT
[#8]
Thank you for clearing that up for me.  I was worried.



-Mike