IPTables Newbie

Ed Hill ed at eh3.com
Mon Nov 24 22:12:12 EST 2003


On Mon, 2003-11-24 at 15:14, Michael White wrote:
> 
> I'm building an RH9 firewall/mailserver combo box for a small 
> client.  Sendmail appears to be running correctly in that I'm 
> able to telnet to port 25 from an internal system.  However, 
> after performing the following commands, I'm unable to telnet 
> to the same port from an external IP:
> 
> IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT
> IPTABLES -A INPUT -p ucp --dport 25 -j ACCEPT
> 
> Am I going about this all wrong?  Should I be entering the 
> command differently?


Hi Michael,

Have you verified that sendmail is really listening to non-local hosts? 
If you're using the default Red Hat sendmail, then you'll need to edit
the /etc/mail/sendmail.mc file so that you have:

  dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
  DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl

so that it listens to all hosts.  You should then, as root, run the
"make -C /etc/mail" command and restart sendmail.

good luck,
Ed

-- 
Edward H. Hill III, PhD
office:  MIT Dept. of EAPS;  Room 54-1424;  77 Massachusetts Ave.
            Cambridge, MA 02139-4307
email:   eh3 at mit.edu,  ed at eh3.com
URL:     http://web.mit.edu/eh3/
phone:   617-253-0098
fax:     617-253-4464
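
A check for the situation described in the reply above, as an added example that is not part of the original message: it reads a sendmail.mc file, skips lines disabled with `dnl`, and reports whether the SMTP daemon is bound to loopback only, then tests whether the .mc is newer than the generated .cf. The function names are hypothetical and the sample files are constructed; it assumes that a file with no active SMTP DAEMON_OPTIONS line leaves sendmail on its default of listening on all interfaces.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample files are constructed.

# Print "loopback-only" or "network" for the SMTP daemon defined in a sendmail.mc.
smtp_bind_scope() {
    awk '
        /^[ \t]*dnl[ \t]/ { next }         # m4 discards lines that start with dnl
        /DAEMON_OPTIONS\(/ && /Port=(smtp|25)[^0-9]/ {
            seen = 1
            addr = "*"                     # no Addr= means every interface
            if (match($0, /Addr=[0-9A-Za-z.:_-]+/))
                addr = substr($0, RSTART + 5, RLENGTH - 5)
            if (addr != "127.0.0.1" && addr != "localhost" && addr != "::1")
                network = 1
        }
        END {
            # Assumption: with no active SMTP line, sendmail uses all interfaces.
            if (!seen || network) print "network"; else print "loopback-only"
        }
    ' "$1"
}

# Succeed when the .mc ($1) is newer than the generated .cf ($2), meaning
# "make -C /etc/mail" has not been run since the edit.
cf_is_stale() {
    [ "$1" -nt "$2" ]
}

# Write the two constructed sample files into directory $1.
write_samples() {
    cat > "$1/before.mc" <<'EOF'
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
EOF
    cat > "$1/after.mc" <<'EOF'
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
echo "before: $(smtp_bind_scope "$demo_dir/before.mc")"
echo "after:  $(smtp_bind_scope "$demo_dir/after.mc")"
rm -rf "$demo_dir"
```

On a real host the arguments would be /etc/mail/sendmail.mc and the sendmail.cf that the make step regenerates; a "network" result means the firewall rules are then the only thing limiting who can reach port 25.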