-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 02/15/2017 01:12 AM, Zenny wrote: > On 2/15/17, Zenny <[email protected]> wrote: >> Hi, >> >> I have shorewall 4.6 with the rules in which I have DNATted >> required ports ( (including smtp and postfix+dovecot related >> ports forwareded viz. 25, 465, 587, 993, and 995) to an internal >> server (a lxc VM). >> >> However, on the machine that I run Shorewall, it says only port >> 25 is open, but not others (465,587, 993 and 995). That might be >> the reason the outgoing mail works, but incoming does not. >> >> # telnet <pulicIPofShorewallServer> 25 >> Trying<pulicIPofShorewallServer> ... Connected to >> <pulicIPofShorewallServer> . Escape character is '^]'. 220 >> server2.domain.tld ESMTP Postfix (Debian/GNU) >> >> For other ports, it cannot connect: telnet: Unable to connect to >> remote host: Connection refused >> >> Did I miss something to make changes in shorewall config files to >> open those ports in the server running shorewall? > > > Please find attached the output of: > > iptables -L at http://pastebin.geany.org/68TuE/ > > and > > iptables -t nat -L at http://pastebin.geany.org/TKbwe/ >
Both of those links have expired, and the output of plain 'iptables - -L' is almost useless anyway. The output of 'shorewall dump' is best for analyzing connection problems. Thanks, - -Tom - -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJYpNuyAAoJEJbms/JCOk0Q7YgQAKWEkOqHps2w7gIzpYbdOUsH J3nlx94SSUmLpRI+l0RmRb37XotgGgIpOJTUlnXoXUPUjv0O3mgf1W74Yzlovcfu tO1v4mQ3Zu7CjZ/3BhlVBhLkP7yi7lB/uYip00z4O4AlfX1YGV5Y6P2D7QKUAf6Z V66wvc8KUBJbGzaRPA7njvDM9w7N7zXvU8PAvESuaNvlMfEc8TNpm3xagTFRZFsp ZLF+MDYNnQaZ/+akUJvHKhjJ4hVD4s0I4AqOaOVz43GnJ4elncSCBZewiUYxp6hr ziHVfFaYjgU00hvAdR/7mCPwjQd2z/uf/s+jaguHJD36AQg+S702z+I0r4lVV+pQ bs2C2vZ8SJwYGTqJp6M4HjvtCUiGLzPWa2gh0yCDzKSxu8eqfoINRF7KVsIv/ZNP Qo9aDpl6hQmknyvxu650hKWOS5esZRDdlEcInMjHdxPe4m01tVqxtN2Bb98CUQt+ csSY8KiEmhzJvkGdZf9JzEVPfnQnnuTSm78BScYM3+PVwMghVO7xSDTQo0RvO5dc wi7V1XLK6ahmaCAWrAq8rMcxY0dHiAiyrZlxEeD16CvBlil8b7HjW5cFfPqalfeb 77g57GR5BmNZVLfrkcn9gOyL/ErGZd3+INWBSQ10kWVzpZsb5AmRXZCj171DZIUj 265PagG+uvSslaLYTJvt =64tT -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
