Simion Onea a écrit :
Maybe I should examine more carefully the INPUT and FORWARD chains of the filter table. They are configured to allow inbound traffic to port 10025 and to allow forwarding to port 25. Are there any other requirements?
The INPUT chain is only for local delivery, forwarded traffic does not go through it. So you do not need to accept inbound traffic to port 10025 in the INPUT chain. You need to accept the return traffic in the FORWARD chain.
Is there any means to "debug" or to "see" how a packet traverses the chains and tables?
If the TRACE target is not available, you can insert rules with the LOG target at the beginning of each table/chain. You can also use a packet sniffer such as tcpdump or wireshark to watch the traffic at each interface.
-- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html