Re: Help with basic pf rule to open port 25
On Thu, Jan 06, 2022 at 03:39:00PM -0500, Sean McBride wrote:
> I don't actually want to use OpenSMTPD, I was just using it as a way to test
> my experimental pf rules. I'll try to find some other way to test them.

netcat

# man nc
Re: Help with basic pf rule to open port 25
On 5 Jan 2022, at 11:40, Crystal Kolipe wrote:

> Have you actually changed the default /etc/mail/smtpd.conf to listen for
> external connections?

No.

> By default it only listens on the loopback interface, (and local socket).

Ah. That probably explains that then.

I don't actually want to use OpenSMTPD, I was just using it as a way to test my experimental pf rules. I'll try to find some other way to test them.

Thanks both for your replies and links to reading materials.

Cheers,

Sean
Re: Help with basic pf rule to open port 25
On Wed, Jan 05, 2022 at 11:03:02AM -0500, Sean McBride wrote:
> pass in log quick on egress proto tcp to any port smtp

> If on the OpenBSD system itself I do `telnet
> localhost 25` I see the built-in OpenSMTPD. But if I telnet from another
> machine on my LAN, I fail to connect. Shouldn't that rule have opened port
> 25?

Assuming that you only have a single network card and that it is configured with the default routes, then yes, that rule will open port 25 to the other machines on your LAN.

Have you actually changed the default /etc/mail/smtpd.conf to listen for external connections?

By default it only listens on the loopback interface, (and local socket).
Re: Help with basic pf rule to open port 25
Hi Sean,

Happy new year to you,

do a netstat and make sure that your software is listening on an address other than loopback or all addresses (0.0.0.0)

run the following command

netstat -an

If you want to check active rules in pf, run the following command

pfctl -sr

If you ever want to check your rules (in a recently edited pf.conf file), run

pfctl -nvvvf /etc/pf.conf

If the rules returned match what you wish, then you can commit / load them by running

pfctl -vvvf /etc/pf.conf

(each v increases verbosity)

Peter Hansteen and Max Stucchi have an amazing tutorial on PF

https://home.nuug.no/~peter/pftutorial/#1

but they explain the concepts really well, recommend the class that they do in person ..

for the latest features about PF in the version of OpenBSD you are running ...

man pfctl

or

man pf.conf

will help you ...

I hope this helps and enjoy the Journey in OpenBSD ... It is awesome ...

Tom Smyth

On Wed, 5 Jan 2022 at 16:09, Sean McBride wrote:
> Hi all,
>
> (Newbie and first time poster, please be gentle :))
>
> I'm trying to set up spamd, and I think I'm having trouble with pf. So
> I tried to add a very basic test rule. I added to the beginning of
> /etc/pf.conf the following:
>
> pass in log quick on egress proto tcp to any port smtp
>
> then rebooted (for luck). If on the OpenBSD system itself I do `telnet
> localhost 25` I see the built-in OpenSMTPD. But if I telnet from
> another machine on my LAN, I fail to connect. Shouldn't that rule have
> opened port 25?
>
> Thanks,
>
> Sean
>

--
Kindest regards,
Tom Smyth.
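
Added example, not part of the thread: a small filter for the `netstat -an` check suggested above that reports whether a port's listener is bound only to loopback, which is the case where a pf pass rule alone cannot make the service reachable. The function name `listener_scope` is hypothetical, the netstat lines are constructed samples, and the ADDRESS.PORT local-address layout is assumed.

```shell
#!/bin/sh
# Added example. Reads `netstat -an` output on stdin and reports where a TCP
# port is listening: "external", "loopback-only" or "none".
# Assumes OpenBSD-style local addresses written as ADDRESS.PORT (e.g. *.25).
listener_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            addr = $4
            n = length(addr) - length(port)
            # Keep only sockets whose local address ends in ".PORT".
            if (n < 2 || substr(addr, n) != "." port) next
            host = substr(addr, 1, n - 1)
            # 127.0.0.0/8, ::1 and scoped lo addresses count as loopback.
            if (host ~ /^127\./ || host == "::1" || host ~ /%lo[0-9]+$/) loop = 1
            else ext = 1
        }
        END { print (ext ? "external" : (loop ? "loopback-only" : "none")) }
    '
}

# Constructed sample: port 25 bound to loopback only (the situation in the thread).
SAMPLE_LOOPBACK='Active Internet connections (including servers)
Proto   Recv-Q Send-Q  Local Address          Foreign Address        TCP-State
tcp          0      0  127.0.0.1.25           *.*                    LISTEN
tcp          0      0  *.22                   *.*                    LISTEN
tcp6         0      0  ::1.25                 *.*                    LISTEN
tcp6         0      0  fe80::1%lo0.25         *.*                    LISTEN'

# Constructed sample: port 25 bound to all addresses.
SAMPLE_WILDCARD='Proto   Recv-Q Send-Q  Local Address          Foreign Address        TCP-State
tcp          0      0  *.25                   *.*                    LISTEN'

printf '%s\n' "$SAMPLE_LOOPBACK" | listener_scope 25   # loopback-only
printf '%s\n' "$SAMPLE_WILDCARD" | listener_scope 25   # external
printf '%s\n' "$SAMPLE_LOOPBACK" | listener_scope 80   # none
```

On a live system the input would be `netstat -an | listener_scope 25`; a result of "loopback-only" means LAN clients will fail to connect whatever `pfctl -sr` shows.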
Help with basic pf rule to open port 25
Hi all,

(Newbie and first time poster, please be gentle :))

I'm trying to set up spamd, and I think I'm having trouble with pf. So I tried to add a very basic test rule. I added to the beginning of /etc/pf.conf the following:

pass in log quick on egress proto tcp to any port smtp

then rebooted (for luck). If on the OpenBSD system itself I do `telnet localhost 25` I see the built-in OpenSMTPD. But if I telnet from another machine on my LAN, I fail to connect. Shouldn't that rule have opened port 25?

Thanks,

Sean