[Leaf-user] Problems accessing POP server behind DS floppy

Michael Leone Sat, 09 Feb 2002 10:58:43 -0800

I'm having a problem accessing my POP server that is behind my DS
(floppy) firewall. I have no problems accessing it locally, so it
appears that the POP3 software is working fine.


>From network.conf:

###############################################################################
# Port Forwarding
###############################################################################
# Remember to open appropriate holes in the firewall rules, above

# Uncomment following for port-forwarded internal services.
# The following is an example of what should be put here.
# Tuples are as follows:
#       <protocol>_<local-ip>_<local-port>_<remote-ip>_<remote-port>
#INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.1.1_ftp 
tcp_${EXTERN_IP}_smtp_192.168.1.1_smtp"
EX_IP=216.158.26.254
IN_IP=192.168.100.20
INTERN_SERVERS="tcp_${EX_IP}_ftp_${IN_IP}_ftp
tcp_${EX_IP}_smtp_${IN_IP}_smtp tcp_${EX_IP}_110_${IN_IP}_110
tcp_${EX_IP}_ssh_${IN_IP}_ssh tcp_${EX_IP}_www_${IN_IP}_www"

(line above is wrapped)

Only the port 110 service doesn't work; all the other services listed in
the INTERN_SERVERS line works (i.e., ftp, smtp, www - all are accessible
thru the firewall)

The port forwarding seems to be OK:

prot localaddr            rediraddr               lport    rport  pcnt  pref
TCP  216.158.26.254       192.168.100.20             22       22     4    10
TCP  216.158.26.254       192.168.100.20             24       22    10    10
TCP  216.158.26.254       192.168.100.20            143      143    10    10
TCP  216.158.26.254       192.168.100.20            110      110    10    10
TCP  216.158.26.254       192.168.100.20             80       80     3    10
TCP  216.158.26.254       192.168.100.20             21       21     8    10
TCP  216.158.26.254       192.168.100.20             25       25     5    10

But DS is still blocking port 110:

Feb  9 13:49:38 ellcrys kernel: Packet log: input DENY eth0 PROTO=6
216.136.172.21:16762 216.158.26.254:110 L=44 S=0x00 I=27402 F=0x4000
T=50 SYN (#46)
Feb  9 13:49:44 ellcrys kernel: Packet log: input DENY eth0 PROTO=6
216.136.172.21:16762 216.158.26.254:110 L=44 S=0x00 I=30646 F=0x4000
T=50 SYN (#46)
Feb  9 13:49:56 ellcrys kernel: Packet log: input DENY eth0 PROTO=6
216.136.172.21:16762 216.158.26.254:110 L=44 S=0x00 I=38424 F=0x4000
T=50 SYN (#46)
Feb  9 13:50:20 ellcrys kernel: Packet log: input DENY eth0 PROTO=6
216.136.172.21:16762 216.158.26.254:110 L=44 S=0x00 I=53383 F=0x4000
T=50 SYN (#46)

SO, what is so different about port 110 (pop-3) that is causing DS to
block it, and not the other ports?

-- 

------------------------------------------------------------------
Michael J. Leone                  Registered Linux user #201348 
<mailto:[EMAIL PROTECTED]>    ICQ: 50453890     AIM: MikeLeone

PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
PGP public key:
<http://www.mike-leone.com/~turgon/turgon-public-key.gpg>

"Sometimes your lack of sympathy gets hard to explain, 
 So on your mask of make-up you just paint a little parody of pain" 
                                 "When you were young", Del Amitri


_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user

[Leaf-user] Problems accessing POP server behind DS floppy

Reply via email to