Thanks Malcolm, I overlooked the fact that all the new rules I was adding were below the "drop/log all" section. Once I changed this, all was fine ahhh.
Regards
Anthony

>From: Malcolm V <[EMAIL PROTECTED]>
>To: Sydney Linux Users Group Mailing List <[EMAIL PROTECTED]>
>Subject: Re: [SLUG] firewall blocking telnet to smtp port
>Date: 10 Oct 2002 00:14:03 +1000
>
>On Wed, 2002-10-09 at 23:30, Anthony Gray wrote:
><snipped>
> > Chain INPUT (policy DROP)
> > target prot opt source destination
><snipped>
> > firewall icmp -- anywhere anywhere
> > firewall tcp -- anywhere anywhere tcp
> > flags:SYN,RST,ACK/SYN
> > firewall udp -- anywhere anywhere
>Everything below this in the INPUT chain will never be reached, this
>catches everything, logs it and drops it.
>
> > ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
> > flags:SYN,RST,ACK/SYN
>There should be no need to use these flags, in fact I think this will
>prevent normal traffic to this port which isn't an initial connection.
>
>When you try to telnet in from the machine itself, is it appearing in
>the logs with a source address of 127.0.0.1 or the network IP (Which is
>not explicitly "unblocked" due to a failure to resolve the name)?
>
>Cheers,
>Malcolm V.
>
>--
>SLUG - Sydney Linux User's Group - http://slug.org.au/
>More Info: http://lists.slug.org.au/listinfo/slug
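
The ordering problem resolved in this thread, as an added example that is not part of the original messages: a small first-match check that reports rules sitting below an earlier rule that already takes every packet they could match. The function names, the `iptables -S` style input, the loopback rule and the assumption that the "firewall" chain always logs and drops are constructed for illustration.

```python
import shlex

# Targets that stop chain traversal for a matching packet. "firewall" is the
# log-and-drop chain from the listing; assumed here never to RETURN.
TERMINATING = {"ACCEPT", "DROP", "REJECT", "firewall"}
TWO_ARGS = {"--tcp-flags"}  # options followed by two values (mask, then set)

def parse_rule(line):
    """Split one `iptables -S` style line into (chain, criteria, target)."""
    tok, chain, target, crit, i = shlex.split(line), None, None, {}, 0
    while i < len(tok):
        n = 2 if tok[i] in TWO_ARGS else 1
        val = tuple(tok[i + 1:i + 1 + n])
        if tok[i] == "-A":
            chain = val[0]
        elif tok[i] == "-j":
            target = val[0]
        elif tok[i] != "-m":  # -m only loads a match module
            crit[tok[i]] = val
        i += 1 + n
    return chain, crit, target

def shadowed_rules(ruleset):
    """Return (rule, earlier_rule) pairs; exact-value criteria only, "!" rules skipped."""
    lines = [l for l in ruleset.splitlines()
             if l.startswith("-A") and "!" not in l.split()]
    rules = [parse_rule(l) for l in lines]
    found = []
    for j, (chain_b, crit_b, _) in enumerate(rules):
        for i, (chain_a, crit_a, target_a) in enumerate(rules[:j]):
            # A covers B when every condition A imposes is also imposed by B,
            # so any packet that would match B has already been taken by A.
            if (chain_a == chain_b and target_a in TERMINATING
                    and crit_a.items() <= crit_b.items()):
                found.append((lines[j], lines[i]))
                break
    return found

# Constructed ruleset modelled on the listing in the thread.
BROKEN = """\
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j firewall
-A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j firewall
-A INPUT -p udp -j firewall
-A INPUT -p tcp -m tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
"""
_l = BROKEN.splitlines()  # same rules with the smtp ACCEPT moved above the catch-all
FIXED = "\n".join(_l[:2] + _l[-1:] + _l[2:-1])
```

`shadowed_rules(BROKEN)` reports the smtp ACCEPT as unreachable behind the tcp "firewall" rule, while `shadowed_rules(FIXED)` reports nothing.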
