Hello, I have router (debian) for LAN and an iptables firewall looks like
Chain FORWARD (policy DROP) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID DROP all -- 192.168.178.43 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8 ACCEPT tcp -- 192.168.178.20 0.0.0.0/0 tcp dpt:25 ACCEPT tcp -- 192.168.178.22 0.0.0.0/0 tcp dpt:25 ACCEPT tcp -- 192.168.178.20 0.0.0.0/0 tcp dpt:465 ACCEPT tcp -- 192.168.178.22 0.0.0.0/0 tcp dpt:465 ACCEPT tcp -- 192.168.178.20 0.0.0.0/0 tcp dpt:587 ACCEPT tcp -- 192.168.178.22 0.0.0.0/0 tcp dpt:587 ACCEPT tcp -- 192.168.178.20 0.0.0.0/0 tcp dpt:143 ACCEPT tcp -- 192.168.178.22 0.0.0.0/0 tcp dpt:143 ACCEPT tcp -- 192.168.178.20 0.0.0.0/0 tcp dpt:993 ACCEPT tcp -- 192.168.178.22 0.0.0.0/0 tcp dpt:993 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 reject-with icmp-port-unreachable REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 reject-with icmp-port-unreachable REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 reject-with icmp-port-unreachable REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 reject-with icmp-port-unreachable REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 reject-with icmp-port-unreachable REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable my pc has ip 192.168.178.20 and I can receive mails (gmail address) with icedove. my android phone has ip 192.168.178.22 and i *can't* receive mails with standard gmail programm. when i add ACCEPT all -- 192.168.178.22 0.0.0.0/0 it also works with gmail programm. what is wrong here? did gmail programm use other ports? i have try to sniffer with tcpdump but cant find any relevant traffic. best regards, basti
