-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi!
I recently set up an old machine as a firewall/router/mail-server at home using woody with the vanilla 2.2.20 kernel. (I would have used 2.4, but I had some booting (MBR) problems. When i finally got something to work, i stuck with it.) Anyhow... I used Bastille to set up the ipchains firewalling and ipmasqing, leaving ports 21, 22, 25 and 80 open. I then made a small script (a couple of lines) that forwarded ports 21 and 80 to my regular computer. The ipmasqing and port-forwarding worked fine (and still do). I then configured exim to recive and send mail to/from me and started using my home mail-address (the one i am sending this from), and that worked for at least a couple of weeks. Now it doesn't... I don't know exactly when it stopped working, since i didn't notice not reciveing any mail when I wasn't expecting any. Now the situation is as follows: Sending mail, and local mail, works fine. I can also telnet to exim from anywhere whithin my network. Incoming mail does not show up. I have tried telnetting to port 25 on my machine from computers outside my network and that doesn't work. (Same result as when trying to telnet to a firewalled (DENY) port.) Naturally now I re-ran InteractiveBastille and made shure all the questions where awsered correctly, restarted the firewall, reconfigured the eth's, updated bastille to version 1.3.0-2.1 (whish fixes another bug), nothing made any difference. I then ran "ipchains -C input -s <some-address> -d <my-public-address> -p 25 -i eth0" It said "denied" (so I thought I had found the problem). I ran "ipchains -I input 1 -p 25 -j ACCEPT" and re-ran the "-C" check. The check now said "accepted", but the behaviour regarding incoming connection attempts remained the same. I then ran the same check for port 22 and got a "denied" result, even though incoming ssh works fine. I guess I don't really understand ipchains as well as I would like to. Does anyone know if there is some obscure exim feature that can make it refuse incoming connections based om where they are coming from (ip or interface) that is not controlled by exim.conf? What am I doing wrong when I try to test the ipchains setup (with -C)? I must be doing something wrong since it says "denied" for stuff that works (ssh). br, Henrik Johansson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE9yLcQms2BPrYuP/0RAqFOAJ9CtDhTMR8cYBkm2bTICAgX3akLwQCeND6V P2bRC4DtUq0s82Azt1yxefE= =RNDL -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
