Dear Tom, Please find attached the output of the 'shorewall dump' for your review. Cced to you in case the mailinglist does not allow attachment.
Thanks in advance. Wbr, /z On 2/15/17, Tom Eastep <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 02/15/2017 01:12 AM, Zenny wrote: >> On 2/15/17, Zenny <[email protected]> wrote: >>> Hi, >>> >>> I have shorewall 4.6 with the rules in which I have DNATted >>> required ports ( (including smtp and postfix+dovecot related >>> ports forwareded viz. 25, 465, 587, 993, and 995) to an internal >>> server (a lxc VM). >>> >>> However, on the machine that I run Shorewall, it says only port >>> 25 is open, but not others (465,587, 993 and 995). That might be >>> the reason the outgoing mail works, but incoming does not. >>> >>> # telnet <pulicIPofShorewallServer> 25 >>> Trying<pulicIPofShorewallServer> ... Connected to >>> <pulicIPofShorewallServer> . Escape character is '^]'. 220 >>> server2.domain.tld ESMTP Postfix (Debian/GNU) >>> >>> For other ports, it cannot connect: telnet: Unable to connect to >>> remote host: Connection refused >>> >>> Did I miss something to make changes in shorewall config files to >>> open those ports in the server running shorewall? >> >> >> Please find attached the output of: >> >> iptables -L at http://pastebin.geany.org/68TuE/ >> >> and >> >> iptables -t nat -L at http://pastebin.geany.org/TKbwe/ >> > > Both of those links have expired, and the output of plain 'iptables > - -L' is almost useless anyway. The output of 'shorewall dump' is best > for analyzing connection problems. > > Thanks, > - -Tom > - -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > Comment: GPGTools - http://gpgtools.org > > iQIcBAEBCAAGBQJYpNuyAAoJEJbms/JCOk0Q7YgQAKWEkOqHps2w7gIzpYbdOUsH > J3nlx94SSUmLpRI+l0RmRb37XotgGgIpOJTUlnXoXUPUjv0O3mgf1W74Yzlovcfu > tO1v4mQ3Zu7CjZ/3BhlVBhLkP7yi7lB/uYip00z4O4AlfX1YGV5Y6P2D7QKUAf6Z > V66wvc8KUBJbGzaRPA7njvDM9w7N7zXvU8PAvESuaNvlMfEc8TNpm3xagTFRZFsp > ZLF+MDYNnQaZ/+akUJvHKhjJ4hVD4s0I4AqOaOVz43GnJ4elncSCBZewiUYxp6hr > ziHVfFaYjgU00hvAdR/7mCPwjQd2z/uf/s+jaguHJD36AQg+S702z+I0r4lVV+pQ > bs2C2vZ8SJwYGTqJp6M4HjvtCUiGLzPWa2gh0yCDzKSxu8eqfoINRF7KVsIv/ZNP > Qo9aDpl6hQmknyvxu650hKWOS5esZRDdlEcInMjHdxPe4m01tVqxtN2Bb98CUQt+ > csSY8KiEmhzJvkGdZf9JzEVPfnQnnuTSm78BScYM3+PVwMghVO7xSDTQo0RvO5dc > wi7V1XLK6ahmaCAWrAq8rMcxY0dHiAiyrZlxEeD16CvBlil8b7HjW5cFfPqalfeb > 77g57GR5BmNZVLfrkcn9gOyL/ErGZd3+INWBSQ10kWVzpZsb5AmRXZCj171DZIUj > 265PagG+uvSslaLYTJvt > =64tT > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, SlashDot.org! http://sdm.link/slashdot > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > -- Cheers, /z -----BEGIN PGP PUBLIC KEY BLOCK----- Comment: http://openpgpjs.org xsBNBFcTxwEBCAC+G0MG+BHNGs8orGRobPV6jd+8RtT4XhXXEnuEjLA5uHz8 1OulvUS/qiq58Jo/KEnTn19rtyNiN7GmrLvo14Q0+mpFQEfrnzj2NCr1bf8w l5r+CrIIb+xFEqf5dIHf3w1NNXgHwl6Z3QBflZsqaPHa8y5dhAqVlr1NS7EL VgCifutAppl2Fcl05p4F5pQLKHMYCO+5gPMnMfnOOe4BTch0VOg8N4qkv0Px JtSHjHucpivf4eJwznejYwDt/AtdyaB7LUC9N6yuLN+QYuB/mIo0YVU2wcgP iwr8ITfDUz5Nx0MUm9hmTbOyj6ixNOVuYMmOvevCzzU0ULEkr99EMoAJABEB AAHNHFplbm55IDxnYXJieXRyYXNoQGdtYWlsLmNvbT7CwHIEEAEIACYFAlcT xwEGCwkIBwMCCRABOcPTK6+XKwQVCAIKAxYCAQIbAwIeAQAAD5gH/21f5PLm ytP4rd9HLGKHTMQola/VKMoCMlA7zb1LLJKTCJayZmIproblTyWO8iSSkkaA 89gIifuCTvMJ8vh4WLTUfO0gr+41uZhLScYqAOoqgctCPsyrHxV4QBYAzGf7 1LAEymtYBSiKHhks4Jff190Czrfupz7AAuLxepS1/RIZbdmeYO2g8FWf4sIR ZFKehNMSWlspxYGxXdAmGLX+xtHD+LNHqqnERsuatynR9oJ3G8WauD4CiNgW IRyfxf2xZVj7J+bGzg7dl7IJNmp0UDTLqqsF2TFpURyfIAAAhb3WkQAaV5n1 osMST1BbCnWdGo5bjpReuBl3lQ5bIn3Gc3HOwE0EVxPHAQEIAL2Pq+od71kT /lRMt+XDryOc1XTT5DJW7BUMXOjXXOZfWsuGTrqU3O1XYPWYzoZy9L+6zpII On/auicvkUblWvrXkt4CIVIU1qDk6KpDKVKBiINy5sk7cTyjumbqxPmnVBK2 DHN27rLOnReCnFUmgIgbfgK0/un0oEnAHvsYdeg1ydipd2vVzx3aJ1TfQS1W IBWN125EO4nKQ5Kl1XV7nWvlv+ZvrOmOWVeSl9jpyZvLJDmks0E/AIF4QBJF K+NTME8+x7CwFDQwLGENXojeZOfsNHbln91KE1ZU1/QvzLHVqdZOo/s20Y7V tjdUsiUPpVQcsSpXLzGKPCWz90M3Be8AEQEAAcLAXwQYAQgAEwUCVxPHAgkQ ATnD0yuvlysCGwwAAL9hCACP7CY1fivXEN4X+l/C56l/nARrNVoZvJr4QHnF 9C/r5m6TLCMov0eOLg8IvZF7M0Ecyvq1IzNqbwQd+8mTA4tn+aND20fk2z08 floFL6fJykIyAGtRMwAb3HdC1pqexk/0pYxhoy9GtQzqvK/NbcPPdBDd1N7M pKdXDVhXhx0R1K6UlMYfnyc9o171UYRPlFrmdBV7ZLC4KeBKqFEESKXaxyRg D7E1FXGl1pDMh2QJNM/n9gVLJb0+znBsPG4jUNOctAOhRwF9Z23qsU6AGpOu QhWG1alJz6d1T4sTgPdh+K1nMWNKGUzzayAKrRPTbnwLEijqqJPpIIDVzoai py73 =JPvb -----END PGP PUBLIC KEY BLOCK-----
shorewall_dump.output
Description: Binary data
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
