AR15.COM
5/8/2010 7:23:47 PM EDT
I'm pulling my hair out here and could really use some help.  I've got a CentOS 5 computer that I'm trying to setup with postfix and dovecot for authenticated relay.



I think I've got it setup, but I'm having problems with IPTables.  Here's what I've got now:



# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited





To me, the line "ACCEPT     all  --  anywhere             anywhere" really seems wrong, but that isn't in /etc/sysconfig/iptables



Also, I'm not able to even telnet 127.0.0.1 25



What am I doing wrong?



Thanks

5/8/2010 7:44:08 PM EDT
[#1]
Turns out I had a postfix config problem that was causing the inability to connect to the SMTP server.  I would still love to know if that allow rule is correct though.



Thanks
5/8/2010 7:45:44 PM EDT
[#2]
Are you running a mail server? cause port 25 is the SMTP server



Edit: Never mind, answered, I was too slow





 
5/8/2010 7:50:25 PM EDT
[#3]
Quoted:
Are you running a mail server? cause port 25 is the SMTP server

Edit: Never mind, answered, I was too slow

I'm trying to.

I'm so much better with Exchange, but this relay needs to be on Linux.
5/8/2010 7:51:53 PM EDT
[#4]
They look alright. It's allowing ftp, http, https, ssh, smtp, from anywhere.





-Foxxz
5/8/2010 7:55:12 PM EDT
[#5]
Can you do an iptables -L -n -v?
You are missing some details that may be important.
5/8/2010 7:55:59 PM EDT
[#6]
Quoted:
Can you do an iptables -L -n -v?
You are missing some details that may be important.


~]# iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   61  5608 fail2ban-SSH  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22
   95 10668 RH-Firewall-1-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RH-Firewall-1-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 97 packets, 10789 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:21
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    3   149 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 255
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            224.0.0.251         udp dpt:5353
   91 10471 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    1    48 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain fail2ban-SSH (1 references)
 pkts bytes target     prot opt in     out     source               destination
   61  5608 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
Thanks





 
5/8/2010 7:59:35 PM EDT
[#7]
So your allow any/any rule is limited to the loopback interface.
I don't like using the same rulebase for INPUT and FORWARD, but it should work fine.  Some people prefer to DROP rather than reject-with, personal pref IMO.
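The check in the reply above, as an added example that is not code from the thread: plain `iptables -L` drops the `in`/`out` columns, so a rule bound to `lo` prints as `ACCEPT all -- anywhere anywhere` and looks like an any/any hole, while the `-L -n -v` listing carries enough columns to tell the difference. The script below parses a `-L -n -v` listing and flags only ACCEPT rules that match all protocols from any source and are narrowed by neither an input interface nor a `state` match. Both listings embedded in it are constructed: one is a copy of the RH-Firewall-1-INPUT chain posted above, the other is the same shape with the loopback restriction removed, which is the rule the original poster was worried about.

```python
"""Audit an `iptables -L -n -v` listing for ACCEPT rules that are genuinely open
to the world, as opposed to ones that only look that way under plain
`iptables -L`. Added example; not code from the thread or from iptables."""
import re

# Constructed sample: the RH-Firewall-1-INPUT chain from the thread, in
# `-L -n -v` form (with -n, dpt:ftp prints as dpt:21, and so on).
SAMPLE_LISTING = """\
Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:21
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    3   149 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 255
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            224.0.0.251         udp dpt:5353
   91 10471 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    1    48 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
"""

# Constructed counter-example: the any/any ACCEPT with no interface binding.
# Under plain `iptables -L` this prints exactly like the `lo` rule above.
SAMPLE_UNBOUND = """\
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
"""

# One rule line of `-L -n -v` output: counters, target, prot, opt, in, out,
# src, dst, then whatever match text follows (port, state, reject-with, ...).
RULE_RE = re.compile(
    r"^\s*(?P<pkts>\d+)\s+(?P<bytes>\d+)\s+(?P<target>\S+)\s+(?P<prot>\S+)\s+"
    r"(?P<opt>\S+)\s+(?P<in>\S+)\s+(?P<out>\S+)\s+(?P<src>\S+)\s+(?P<dst>\S+)"
    r"(?P<extra>.*)$"
)


def parse_verbose_listing(text):
    """Map chain name -> list of rule dicts, from `iptables -L -n -v` text."""
    chains = {}
    current = None
    for line in text.splitlines():
        if line.startswith("Chain "):
            current = line.split()[1]
            chains[current] = []
            continue
        m = RULE_RE.match(line)
        if m and current is not None:
            rule = m.groupdict()
            rule["extra"] = rule["extra"].strip()
            chains[current].append(rule)
    return chains


def is_wide_open(rule):
    """True for an ACCEPT of all protocols from any source that is narrowed by
    neither an input interface nor a conntrack state match."""
    if rule["target"] != "ACCEPT":
        return False
    any_proto_any_src = rule["prot"] == "all" and rule["src"] == "0.0.0.0/0"
    interface_bound = rule["in"] != "*"
    state_bound = rule["extra"].startswith("state ")
    return any_proto_any_src and not interface_bound and not state_bound


def audit(text):
    """Chain name -> the rules in that chain that is_wide_open() flags."""
    return {chain: [r for r in rules if is_wide_open(r)]
            for chain, rules in parse_verbose_listing(text).items()}


def loopback_rules(text):
    """Rules bound to `lo`. The stock CentOS 5 rule file saves this one as
    `-A RH-Firewall-1-INPUT -i lo -j ACCEPT`, which is why searching
    /etc/sysconfig/iptables for "anywhere anywhere" finds nothing."""
    return [r for rules in parse_verbose_listing(text).values()
            for r in rules if r["in"] == "lo"]


if __name__ == "__main__":
    print("loopback-only:", [r["target"] + " " + r["prot"]
                             for r in loopback_rules(SAMPLE_LISTING)])
    print("flagged in thread listing:", audit(SAMPLE_LISTING))
    print("flagged in unbound listing:", audit(SAMPLE_UNBOUND))
```

Run it against real output with `iptables -L -n -v | python audit.py`-style piping by replacing the samples with `sys.stdin.read()`; the parser keys only on the column layout, so `iptables-save` output (which uses `-i lo` syntax instead of columns) needs a different reader.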
5/8/2010 8:11:58 PM EDT
[#8]
Thank you for clearing that up for me.  I was worried.



-Mike