Hi,
Am 09.04.2015 um 14:22 schrieb Andy Blanchard:
SMTP from external IP addresses (e.g. anything other than 127.0.0.1)
is blocked by default by the Fedora firewall and I've not seen any
mention of checking that in the thread. I'm assuming you are using
the default firewall, FirewallD, rather than iptables?
Hi, this is most interesting!
First of all I didn't realize there is a Firewall on by default - sorry
for that, but this is my first Fedora Server ...
I already worked out that firewalld is running
# systemctl status firewalld
Loaded: loaded (/usr/lib/systemd/system/firewalld.service;
enabled)
Active: active (running) since Do 2015-04-09 15:41:29 CEST;
26min ago
[...]
and added smtp to the list of permitted services - as you said it wasn't
there before. Now I have prmanently
# firewall-cmd --zone=public --list-services
dhcpv6-client mdns smtp ssh
Of course postfix still doesn't work, but at least I have learned
something :-)
How do I find out if iptables is doing anything? I can run the command -
does that mean there is a second firewall?
Greetings
Peter
If so:
"sudo firewall-cmd --get-services" will list supported services. SMTP
should be on the list.
"sudo firewall-cmd --zone=public --list-services" will list permitted
services in the public zone. SMTP should also be on the list.
"sudo firewall-cmd --zone=public --add-service=smtp" will temporarily
add SMTP to the permitted services if not present above.
"sudo firewall-cmd --permanent --zone=public --add-service=smtp" will
make that change permanent (survive a reboot).
If you are using iptables, then you can check the rules with:
"sudo iptables --list-rules"
You should have an entry that reads something like:
"-A INPUT -p tcp -m tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT"
If not, you can add it by editing the file "/etc/sysconfig/iptables",
adding the line above to the INPUT chain, then reloading the rules
with the command "sudo iptables-restore < /etc/sysconfig/iptables".
HTH
On 9 April 2015 at 11:07, Peter Ulrich Kruppa <pukruppa@xxxxxxxxxxxxxx> wrote:
Hi everyone,
please do excuse my unspecific subject - I don't really know what my
problem is yet.
I set up a Postfix-Server on my Fedora 21 box, which is connected to
the internet via
some Netgear Router. My private LAN is 192.168.10.0/24 with the Fedora
box fixed on
192.168.10.1 . My Netgear thing has got a fixed IP and hostname, let's say for
mydomain.com .
Now I can
- send myself mails from my Fedora box
- send mails from my Fedora box to the outside p. ex. my googlemail account
but I can't receive mails from outside.
When I do a
# tcpdump -n -i any tcp port 25
on my Fedora I can see many messsages like
10:34:09.338691 IP 212.227.17.11.64945 > 192.168.10.1.smtp: Flags [S],
seq 3273717964, win 14600, options [mss 1418,sackOK,TS val 1273019143
ecr 0,nop,wscale 9], length 0
10:34:10.339378 IP 212.227.17.11.64945 > 192.168.10.1.smtp: Flags [S],
seq 3273717964, win 14600, options [mss 1418,sackOK,TS val 1273019393
ecr 0,nop,wscale 9], length 0
[...]
Any good ideas, what else I can do to analyze my problem?
Thanks for your answers
Peter
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org