Email Server Timeouts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

When I enabled these rules, but then sendmail (on the same box) started
timing out talking to other mail servers.  Does anyone see why?


# Generated by iptables-save v1.2.7a on Thu Aug 21 14:04:36 2003
*nat
:PREROUTING ACCEPT [119808:12963417]
:POSTROUTING ACCEPT [20799:1127196]
:OUTPUT ACCEPT [28268:1649529]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Thu Aug 21 14:04:36 2003
# Generated by iptables-save v1.2.7a on Thu Aug 21 14:04:36 2003
*mangle
:PREROUTING ACCEPT [4394291:2746107050]
:INPUT ACCEPT [629207:295924271]
:FORWARD ACCEPT [3748994:2446728158]
:OUTPUT ACCEPT [700510:360090297]
:POSTROUTING ACCEPT [4450703:2807075249]
COMMIT
# Completed on Thu Aug 21 14:04:36 2003
# Generated by iptables-save v1.2.7a on Thu Aug 21 14:04:36 2003
*filter
:INPUT ACCEPT [629180:295921855]
:FORWARD ACCEPT [3748994:2446728158]
:OUTPUT ACCEPT [700509:360090229]
-A INPUT -i eth0 -p tcp -m tcp --dport 11001:65535 -j REJECT --reject-with
icmp-port-unreachable
-A INPUT -i eth0 -p tcp -m tcp --dport 199 -j REJECT --reject-with
icmp-port-unreachable
-A INPUT -i eth0 -p tcp -m tcp --dport 111 -j REJECT --reject-with
icmp-port-unreachable
-A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j REJECT --reject-with
icmp-port-unreachable
-A INPUT -i eth0 -p udp -m udp --dport 135:139 -j REJECT --reject-with
icmp-port-unreachable
-A INPUT -i eth0 -p tcp -m tcp --dport 135:139 -j REJECT --reject-with
icmp-port-unreachable
-A FORWARD -i eth0 -m state --state INVALID,NEW -j REJECT --reject-with
icmp-port-unreachable
-A FORWARD -p 47 -m state --state NEW -i eth1 -o eth0 -j ACCEPT
-A FORWARD -p tcp -m state --state NEW --dport 1723 -i eth1 -o eth0 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
# Completed on Thu Aug 21 14:04:36 2003


Thanks,
Corey S. Furman
Network Administrator

Telephone:                        Email:
Work:   1.800.233.7177            Documents:  furmanc@xxxxxxxxxxxxxxxx
Cell:   1.570.809.2449            Instant:    CoreyFurman@xxxxxxxxxxx
_________________________________________________
Warning! Sending me an attachment of these types:
.bat   .com   .exe   .htm   .html
.hta   .lnk   .url   .pif   .scr
.shs   .vbs   .vbe   .wsf   .wsh
will send your email to the trash, unread!
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux