On Wed, 8 Mar 2000, Peter Schuller wrote:
> The setup is as follows: a mail server (Linux 2.0.34) is behind a firewall
> (Linux 2.2.13) that masquerades SMTP connections from the mail server to any
> other host on the internet.
>
> This works fine, except for one certain host - a "telnet XXX smtp" yields an
> immediate "connection closed" when done from the mail server (and qmail
> reports "connection died"). The connection can be sucessfully established if
> it is initiated on the firewall.
Hi Peter,
>From a machine outside your firewall, tcpdump and grab the connection
from the firewall and the masqaraded connection.
The only difference I can think of is that the apparent source port on
your firewall is going to be different.
Usually, MASQ connections are sourced from ports in the range 61000 to
65096. Normal connections are in the range 1024-32787. Maybe the
remote host is buggy and falls over with ports with the most
significant bit set?
Or they have a firewall rule covering those ports for some reason,
etc.
Mark
+-------------------------------------------------------------------------+
Mark Cooke The views expressed above are mine and are not
Systems Programmer necessarily representative of university policy
University Of Birmingham URL: http://www.sr.bham.ac.uk/~mpc/
+-------------------------------------------------------------------------+
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
