[plug] firewall issue
Jon Miller
jlmiller at mmtnetworks.com.au
Tue Dec 9 10:15:35 WST 2008
A little more information:
When I add a rule in the INPUT chain I get an immediate connection
refused, yet when I remove it I get a lot of SYN packets going to the
server. I'm using tshark to view what is happening.
My setup for testing is as follows:
My office one terminal session on my firewall with tshark running:
tshark -i eth0 port imap
My office one terminal session on my SuSE Linux Desktop:
telnet mail.destination.com.au 143
Destination server:
tshark -i eth0 port 143
I've opened the port 143 on both the Linux gateway server (iptables) and the
Cisco router on the destination site.
J
_____
From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On Behalf
Of Jon Miller
Sent: Tuesday, 9 December 2008 10:02 AM
To: plug at plug.org.au
Subject: [plug] firewall issue
I'm trying to open a port for imap and having a bitch of a time at it.
I have imap running from the following results:
# nmap -n -O -p 143 -sS 192.168.1.100
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-12-09 09:21 WST
Warning: OS detection will be MUCH less reliable because we did not find at
least 1 open and 1 closed TCP port
Interesting ports on 192.168.1.100:
PORT    STATE SERVICE
143/tcp open  imap
MAC Address: 00:14:5E:2B:67:2A (IBM)
Device type: general purpose
Running: Novell NetWare 6.X
OS details: Novell NetWare 6 SP1
Nmap finished: 1 IP address (1 host up) scanned in 1.118 seconds
The issue is in the iptables firewall. I have the following rules:
$IPT -A FORWARD -i $INT_IFACE -d 192.168.1.100 -p tcp --dport 143 -j ACCEPT
$IPT -A FORWARD -i $INT_IFACE -s 192.168.1.100 -p tcp --dport 143 -j ACCEPT
I have these 2 rules in, do I need to add more rules in the INPUT and
OUTPUT chains?
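
As an added example (not part of the original post), this Python model reproduces only the option matching of the two FORWARD rules quoted above and checks them against the packets of one IMAP connection. It assumes $INT_IFACE is the LAN-side interface and that FORWARD sees 192.168.1.100 as the destination; the interface names, client address and ports are constructed.

```python
# Added example: offline model of the two FORWARD rules from the post.
# Interface names, client address and ports are constructed sample values.
from dataclasses import dataclass
from typing import Optional

SERVER = "192.168.1.100"
INT_IFACE = "int0"        # stands in for $INT_IFACE (assumed: LAN side)
EXT_IFACE = "ext0"        # assumed name for the outside interface
CLIENT = "203.0.113.10"   # constructed documentation address

@dataclass(frozen=True)
class Packet:
    in_iface: str
    src: str
    dst: str
    sport: int
    dport: int

@dataclass(frozen=True)
class Rule:
    name: str
    in_iface: Optional[str] = None
    src: Optional[str] = None
    dst: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        # Every option present on the rule must match; absent options match anything.
        return (self.in_iface in (None, p.in_iface)
                and self.src in (None, p.src)
                and self.dst in (None, p.dst)
                and self.dport in (None, p.dport))

RULES = [
    Rule("rule1 -d server --dport 143", in_iface=INT_IFACE, dst=SERVER, dport=143),
    Rule("rule2 -s server --dport 143", in_iface=INT_IFACE, src=SERVER, dport=143),
]

def first_match(p: Packet) -> Optional[str]:
    """Name of the first rule that accepts p, or None if no modelled rule does."""
    return next((r.name for r in RULES if r.matches(p)), None)

syn_from_outside = Packet(EXT_IFACE, CLIENT, SERVER, 40000, 143)  # client -> server
syn_ack_reply = Packet(INT_IFACE, SERVER, CLIENT, 143, 40000)     # server -> client
server_outbound = Packet(INT_IFACE, SERVER, CLIENT, 40001, 143)   # server -> remote :143

if __name__ == "__main__":
    for label, pkt in [("SYN from outside", syn_from_outside),
                       ("SYN-ACK reply", syn_ack_reply),
                       ("server to remote :143", server_outbound)]:
        print(f"{label:22} -> {first_match(pkt)}")
```

A `None` result means the packet falls through to whatever rules and chain policy follow in the script, which the post does not show.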