On 2/15/17, Zenny <[email protected]> wrote: > Hi, > > I have shorewall 4.6 with the rules in which I have DNATted required > ports ( (including smtp and postfix+dovecot related ports forwareded > viz. 25, 465, 587, 993, and 995) to an internal server (a lxc VM). > > However, on the machine that I run Shorewall, it says only port 25 is > open, but not others (465,587, 993 and 995). That might be the reason > the outgoing mail works, but incoming does not. > > # telnet <pulicIPofShorewallServer> 25 > Trying<pulicIPofShorewallServer> ... > Connected to <pulicIPofShorewallServer> . > Escape character is '^]'. > 220 server2.domain.tld ESMTP Postfix (Debian/GNU) > > For other ports, it cannot connect: > telnet: Unable to connect to remote host: Connection refused > > Did I miss something to make changes in shorewall config files to open > those ports in the server running shorewall?
Please find attached the output of: iptables -L at http://pastebin.geany.org/68TuE/ and iptables -t nat -L at http://pastebin.geany.org/TKbwe/ if it helps. Thanks. > > Any input appreciated. > -- > Cheers, > /z > > > -----BEGIN PGP PUBLIC KEY BLOCK----- > Comment: http://openpgpjs.org > > xsBNBFcTxwEBCAC+G0MG+BHNGs8orGRobPV6jd+8RtT4XhXXEnuEjLA5uHz8 > 1OulvUS/qiq58Jo/KEnTn19rtyNiN7GmrLvo14Q0+mpFQEfrnzj2NCr1bf8w > l5r+CrIIb+xFEqf5dIHf3w1NNXgHwl6Z3QBflZsqaPHa8y5dhAqVlr1NS7EL > VgCifutAppl2Fcl05p4F5pQLKHMYCO+5gPMnMfnOOe4BTch0VOg8N4qkv0Px > JtSHjHucpivf4eJwznejYwDt/AtdyaB7LUC9N6yuLN+QYuB/mIo0YVU2wcgP > iwr8ITfDUz5Nx0MUm9hmTbOyj6ixNOVuYMmOvevCzzU0ULEkr99EMoAJABEB > AAHNHFplbm55IDxnYXJieXRyYXNoQGdtYWlsLmNvbT7CwHIEEAEIACYFAlcT > xwEGCwkIBwMCCRABOcPTK6+XKwQVCAIKAxYCAQIbAwIeAQAAD5gH/21f5PLm > ytP4rd9HLGKHTMQola/VKMoCMlA7zb1LLJKTCJayZmIproblTyWO8iSSkkaA > 89gIifuCTvMJ8vh4WLTUfO0gr+41uZhLScYqAOoqgctCPsyrHxV4QBYAzGf7 > 1LAEymtYBSiKHhks4Jff190Czrfupz7AAuLxepS1/RIZbdmeYO2g8FWf4sIR > ZFKehNMSWlspxYGxXdAmGLX+xtHD+LNHqqnERsuatynR9oJ3G8WauD4CiNgW > IRyfxf2xZVj7J+bGzg7dl7IJNmp0UDTLqqsF2TFpURyfIAAAhb3WkQAaV5n1 > osMST1BbCnWdGo5bjpReuBl3lQ5bIn3Gc3HOwE0EVxPHAQEIAL2Pq+od71kT > /lRMt+XDryOc1XTT5DJW7BUMXOjXXOZfWsuGTrqU3O1XYPWYzoZy9L+6zpII > On/auicvkUblWvrXkt4CIVIU1qDk6KpDKVKBiINy5sk7cTyjumbqxPmnVBK2 > DHN27rLOnReCnFUmgIgbfgK0/un0oEnAHvsYdeg1ydipd2vVzx3aJ1TfQS1W > IBWN125EO4nKQ5Kl1XV7nWvlv+ZvrOmOWVeSl9jpyZvLJDmks0E/AIF4QBJF > K+NTME8+x7CwFDQwLGENXojeZOfsNHbln91KE1ZU1/QvzLHVqdZOo/s20Y7V > tjdUsiUPpVQcsSpXLzGKPCWz90M3Be8AEQEAAcLAXwQYAQgAEwUCVxPHAgkQ > ATnD0yuvlysCGwwAAL9hCACP7CY1fivXEN4X+l/C56l/nARrNVoZvJr4QHnF > 9C/r5m6TLCMov0eOLg8IvZF7M0Ecyvq1IzNqbwQd+8mTA4tn+aND20fk2z08 > floFL6fJykIyAGtRMwAb3HdC1pqexk/0pYxhoy9GtQzqvK/NbcPPdBDd1N7M > pKdXDVhXhx0R1K6UlMYfnyc9o171UYRPlFrmdBV7ZLC4KeBKqFEESKXaxyRg > D7E1FXGl1pDMh2QJNM/n9gVLJb0+znBsPG4jUNOctAOhRwF9Z23qsU6AGpOu > QhWG1alJz6d1T4sTgPdh+K1nMWNKGUzzayAKrRPTbnwLEijqqJPpIIDVzoai > py73 > =JPvb > -----END PGP PUBLIC KEY BLOCK----- > -- Cheers, /z -----BEGIN PGP PUBLIC KEY BLOCK----- Comment: http://openpgpjs.org xsBNBFcTxwEBCAC+G0MG+BHNGs8orGRobPV6jd+8RtT4XhXXEnuEjLA5uHz8 1OulvUS/qiq58Jo/KEnTn19rtyNiN7GmrLvo14Q0+mpFQEfrnzj2NCr1bf8w l5r+CrIIb+xFEqf5dIHf3w1NNXgHwl6Z3QBflZsqaPHa8y5dhAqVlr1NS7EL VgCifutAppl2Fcl05p4F5pQLKHMYCO+5gPMnMfnOOe4BTch0VOg8N4qkv0Px JtSHjHucpivf4eJwznejYwDt/AtdyaB7LUC9N6yuLN+QYuB/mIo0YVU2wcgP iwr8ITfDUz5Nx0MUm9hmTbOyj6ixNOVuYMmOvevCzzU0ULEkr99EMoAJABEB AAHNHFplbm55IDxnYXJieXRyYXNoQGdtYWlsLmNvbT7CwHIEEAEIACYFAlcT xwEGCwkIBwMCCRABOcPTK6+XKwQVCAIKAxYCAQIbAwIeAQAAD5gH/21f5PLm ytP4rd9HLGKHTMQola/VKMoCMlA7zb1LLJKTCJayZmIproblTyWO8iSSkkaA 89gIifuCTvMJ8vh4WLTUfO0gr+41uZhLScYqAOoqgctCPsyrHxV4QBYAzGf7 1LAEymtYBSiKHhks4Jff190Czrfupz7AAuLxepS1/RIZbdmeYO2g8FWf4sIR ZFKehNMSWlspxYGxXdAmGLX+xtHD+LNHqqnERsuatynR9oJ3G8WauD4CiNgW IRyfxf2xZVj7J+bGzg7dl7IJNmp0UDTLqqsF2TFpURyfIAAAhb3WkQAaV5n1 osMST1BbCnWdGo5bjpReuBl3lQ5bIn3Gc3HOwE0EVxPHAQEIAL2Pq+od71kT /lRMt+XDryOc1XTT5DJW7BUMXOjXXOZfWsuGTrqU3O1XYPWYzoZy9L+6zpII On/auicvkUblWvrXkt4CIVIU1qDk6KpDKVKBiINy5sk7cTyjumbqxPmnVBK2 DHN27rLOnReCnFUmgIgbfgK0/un0oEnAHvsYdeg1ydipd2vVzx3aJ1TfQS1W IBWN125EO4nKQ5Kl1XV7nWvlv+ZvrOmOWVeSl9jpyZvLJDmks0E/AIF4QBJF K+NTME8+x7CwFDQwLGENXojeZOfsNHbln91KE1ZU1/QvzLHVqdZOo/s20Y7V tjdUsiUPpVQcsSpXLzGKPCWz90M3Be8AEQEAAcLAXwQYAQgAEwUCVxPHAgkQ ATnD0yuvlysCGwwAAL9hCACP7CY1fivXEN4X+l/C56l/nARrNVoZvJr4QHnF 9C/r5m6TLCMov0eOLg8IvZF7M0Ecyvq1IzNqbwQd+8mTA4tn+aND20fk2z08 floFL6fJykIyAGtRMwAb3HdC1pqexk/0pYxhoy9GtQzqvK/NbcPPdBDd1N7M pKdXDVhXhx0R1K6UlMYfnyc9o171UYRPlFrmdBV7ZLC4KeBKqFEESKXaxyRg D7E1FXGl1pDMh2QJNM/n9gVLJb0+znBsPG4jUNOctAOhRwF9Z23qsU6AGpOu QhWG1alJz6d1T4sTgPdh+K1nMWNKGUzzayAKrRPTbnwLEijqqJPpIIDVzoai py73 =JPvb -----END PGP PUBLIC KEY BLOCK----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
