There are lines in the firewall.sh script which blocks all traffic from
private address blocks:
iptables -A INPUT -s 10.0.0.0/8 -i ! lo -j DROP
iptables -A INPUT -s 192.168.0.0/16 -i ! lo -j DROP
To fix this, I added the following to the firewall.sh script *before*
the above lines:
# shubes 5/16/06 - accept packets from local nets
iptables -A INPUT -s 192.168.20.0/255.255.255.0 -j ACCEPT
iptables -A INPUT -s 192.168.21.0/255.255.255.0 -j ACCEPT
Substitute you local subnets appropriately.
Does anyone have a suggestion how the firewall.sh script might be
modified so this problem doesn't happen to newbs? It happened to me as
well, and I think it's a bit aggravating.
--
-Eric 'shubes'
On 11/15/2012 06:42 AM, Rvaught wrote:
When I built the new machine , I did not comment out the firewall.sh
call within the cnt5064-svcs.sh script .
When I stopped IPTABLE service , clients can connect . Should this be
all I need to change ?
Thanks,
Rick
*From:*Cecil Yother, Jr. [mailto:[email protected]]
*Sent:* Wednesday, November 14, 2012 9:58 PM
*To:* [email protected]
*Subject:* Re: [qmailtoaster] Re: Connection Problems
On 11/14/2012 06:55 PM, Eric Shubert wrote:
On 11/14/2012 05:52 PM, Carlos Herrera Polo wrote:
Have you check firewall rules ?
El nov 14, 2012 5:50 p.m., "Rvaught" <[email protected]
<mailto:[email protected]>
<mailto:[email protected]>
<mailto:[email protected]>> escribió:
I had my Qmail Toaster crash from a failed raid array . I now
have a
new mair server setup . I can connect with email clients that are
on the same subnet with the server Ok. ____
Other clients on different subnets can not . I have the other
subnets listed in tcp.smtp the same as the old server . Is there
some place else I need to adjust .____
__ __
__ __
My guess would be a routing problem (outside of QMT). Can they ping
the QMT host?
I would do a dig too and make sure your DNS resolves.
--
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
