On Fri, 18 Jan 2002, guy keren wrote: > Date: Fri, 18 Jan 2002 02:07:46 +0200 (EET) > From: guy keren <[EMAIL PROTECTED]> > To: Tal Amir <[EMAIL PROTECTED]> > Cc: Tzafrir Cohen <[EMAIL PROTECTED]>, > the linux-il mailing list <[EMAIL PROTECTED]> > Subject: Re: access problem > > On Thu, 17 Jan 2002, Tal Amir wrote: > > > > telnet your-server 110 > > > > > > If and when a (tcp) connection is established, try writing the following: > > > > > > USER username > > > PASS topsecretpasswordinplaintext > > > QUIT > > > > telnetto port's 110 and 25 works. only mail clients cant get to > > authonticate. this is the most wierd part (?!) > > telnet - ok. but did you try doing the rest of what tzafrir suggested - > i.e. actually emulating an email client over this connection? please > answer with 'yes, and it worked, and i managed to login to port 110 after > supplying a valid user and password', or say 'yes, i tried, but it failed > with this and that error message', or say 'no, i didn't try, i will try > now'.
thanks for the options..what would i do without you ? ;) telnet to port 110 works and authonticates (25 as well) with a client - nothing. so this is not a closed port\service problem. > > > there ARE NO internal interfaces. > > 1 interface (eth0) with 1 real ip. this machine is in a dmz, and the > > firewall translates everything to it. this is why its accesible from both > > internal and external locations, and vice versa (it can access NAT > > addresses). > > ok, but DID you try running the netstat command tzafrir showed you anyway? > if you didn't, please do. and there is ALWAYS one internal interface, > namely 127.0.0.1 :P~~ > > and even if it doesnt' seem related, do it anyway. if you knew what the > problem was, you wouldn't have been asking in the first place. right, but there is a minimal sence of logic in what you try. and yes - netstat shows the connection ONLY if i try to connect directly to the port via telnet. it shows nothing when accessing with a client. > > > > Use netstat -ln --tcp and see if any service listens on an address that is > > > not 0.0.0.0 (=all interfaces). > > that's what tzafrir said - i keep the quote in case you lost the former > message. > > > > * Do packets from the clients get to the server? > > > Use tcpdump or any other sniffer. This could be a DNS problem or a routing > > > problem. > > > > no routing problem. as i said, i can ping it from the internal LAN. > > also from outside. > > this is not the problem. > correct, but it tells you if there is some kind of a block (route, firewall or whatever) between you and that machine. if you cant ping it, there is not much change that anything else will get there. > did you check what tzafrir suggested? he didn't say its a routing problem, > or anything else. pings does not tell you much, other then the fact that > ping works. it doesn't tell you if other protocols have any problems. > > > > * Have you looked at the logs? Any connection attempts logged? > > > > > another thing i forgot to mention : syslogd is running but not logging > > anything. the last log entry is at the same date when the hard reset > > acourd. i dont think that there is a connection, but go figure.. > > i would suggest you try to solve this problem - having working logs is a > good start to finding what's wrong, in case the imap server or pop server > or any other server is trying to log anything. > > chekc that you have a /etc/syslogd.conf file, and that it is properly > configured (i know "i haven't changed anything" - but when nothing realy > changes, things keep on working. if they don't - something was changed, > regardless of how it was changed - by manual editing, by file (system) > corruption, or anything else. > > by the way, my car mechanic would have told me that i should not just > assume things are working or not - he'd tell me that i need to actually > check what he tells me, or else, i shouldn't bother coming to his grage > for advice, without bringing my car. > boy, i am starting to get really sorry for that example ;) > -- > guy > > "For world domination - press 1, > or dial 0, and please hold, for the creator." -- nob o. dy > -- ----------------------------------- _|_|_ Best Regard's , ( ) * Amir Tal, /v\ / System Administrator /( )X (m_m) | | ICQ : 15748705 | (_)_ __ | | | '_ \| | | \ \/ / | | | | | | |_| |> < |_)_|_|_| |_|__,_/_/\ http://whatsup.homelinux.com ----------------------------------- ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
