Is it possible that you are forwading/nating that port? Take a look at your prerouting table "IPTABLES -L -v -t nat" Or block that port for forwarding, "IPTABLES -I FORWARD -p tcp --destination-port 25 -j REJECT"
Another thing, you write "IPTABLES -A INPUT -t tcp --destination-port 25 -j REJECT" And the correct sentence should be "IPTABLES -A INPUT -p tcp --destination-port 25 -j REJECT" Is that correct? Matias Lambert OSInet Telecomunicaciones Capital Federal - Buenos Aires Argentina - CA1185ACA http://www.osinet.com.ar > -----Mensaje original----- > De: Raffaele D'Elia [mailto:[EMAIL PROTECTED] > Enviado el: Lunes, 26 de Enero de 2004 12:26 p.m. > Para: Ronald Laarman; [email protected] > Asunto: RE: Iptables can't close port 25 and 110 > > > > > -----Original Message----- > From: "Ronald Laarman" <[EMAIL PROTECTED]> > To: <[email protected]> > Cc: <[EMAIL PROTECTED]> > Date: Mon, 26 Jan 2004 16:12:04 +0100 > Subject: RE: Iptables can't close port 25 and 110 > > > I already tried reject, I'll give an example to clarify my problem. > > > > Removed all iptable rules an when running a nmap scan (remotely) I get > > the following output: > > > > PORT STATE SERVICE > > 25/tcp open smtp > > 80/tcp open http > > 110/tcp open pop3 > > 199/tcp open smux > > 3306/tcp open mysql > > > > I then inserted the following rules: > > > > - IPTABLES -A INPUT -t tcp --destination-port 25 -j REJECT > > - IPTABLES -A INPUT -t tcp --destination-port 80 -j REJECT > > - IPTABLES -A INPUT -t tcp --destination-port 199 -j REJECT > > > > Did a new scan and nmap returned: > > > > PORT STATE SERVICE > > 25/tcp open smtp > > 110/tcp open pop3 > > 3306/tcp open mysql > > > > So even if I reject port 25, nmap detects it as open. And if I reject > > port 80, nmap detects it as being closed. > > > > Hope this give a better image of my problem. > > Ah. OK, it's strange!:) > > Hav u tried telnetting to the 25 port? Does exim responds? > > I'm curious... > > Radel > > ************************************************************************** > Questo messaggio puo' contenere informazioni di carattere estremamente > riservato e confidenziale. > Qualora non foste i destinatari, vogliate immediatamente informarci > con lo stesso mezzo ed eliminare il messaggio, con gli eventuali allegati, > senza trattenerne copia. Qualsivoglia utilizzo non autorizzato del > contenuto di questo messaggio costituisce violazione dell'obbligo di non > prendere cognizione della corrispondenza tra altri soggetti, salvo piu' > grave illecito, ed espone il responsabile alle relative conseguenze civili > e penali. > > This message is being sent from Starcom Italia Srl and may > contain information which is confidential or privileged. If you are not > the intended recipient, please advise the sender immediately by reply > e-mail and delete this message and any attachments without retaining a > copy. Any unauthorized use of the content of this message is a breach of > your duty to respect the confidentiality of the correspondence between > other persons and can expose the responsible party to civil and/or > criminal penalties, and may constitute a more serious offense. > ************************************************************************** > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > >
BEGIN:VCARD VERSION:2.1 N:Lambert;Matias;German FN:Matias Lambert ( OSInet ) ORG:OSInet TeleComunicaciones TEL;WORK;VOICE:+54 11 4861 5616 TEL;HOME;VOICE:+54 11 4861 5616 TEL;CELL;VOICE:+54 11 (15) 4429 9469 TEL;WORK;FAX:+54 11 4861 5616 TEL;HOME;FAX:+54 11 4861 5616 ADR;WORK:;;Panam� 933 12 E;Capital Federal;Buenos Aires;C1185ACA;Argentina LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Panam=E1 933 12 E=0D=0ACapital Federal, Buenos Aires C1185ACA=0D=0AArgentina URL;WORK:http://www.osinet.com.ar EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20030313T150013Z END:VCARD
