OMG! Port 113. Added:
iptables -A INPUT -p TCP --sport 1024:65535 --dport 113 -j ACCEPT iptables -A OUTPUT -p TCP --dport 1024:65535 --sport 113 -j ACCEPT to Router1 script and it is now working. Sonofa! Ryan. -----Original Message----- From: Ryan McAlister Sent: Thursday, January 02, 2003 11:42 AM To: Ryan McAlister; [email protected] Subject: RE: Stateful problem when using IMAP. Need a Guru. Just as a test I set the INPUT and OUTPUT policies to ACCEPT and left FORWARD at DROP and it's working. So my problem must be in there somewhere. Ryan -----Original Message----- From: Ryan McAlister Sent: Thursday, January 02, 2003 11:29 AM To: [email protected] Subject: RE: Stateful problem when using IMAP. Need a Guru. Ok I know it's not Router2 because IMAP is slow to other mail servers from pc's behind Router1 with fw-up enabled also. I tried removing the DROP rules one by one and it will only work when they are ALL set to ACCEPT. I can't see how it's dns because the problem only happens when I turn on fw-up on Router1 or I am not behind any firewall at all and I connect to the IMAP server everything is fine. -----Original Message----- From: Jason McCarty [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 31, 2002 4:55 PM To: [email protected] Subject: Re: Stateful problem when using IMAP. Need a Guru. Ryan wrote: > When I enable stateful filtering (sh fw-up) on Router1 IMAP connections > to my mail server behind Router2 are painfully slow druing the initial > connection. If I disable sateful filtering (sh fw-dn) on Router1 IMAP > connections have no issues. This sounds like a reverse DNS problem to me. Make sure you can resolve addresses correctly from the imap servers. > > I have a feeling the problem is in the way I have stateful filtering > enabled on Router2 but I'm too much of a n00b to figure it out. Maybe you should add a logging rule to each chain temporarily, so you can see if packets are being dropped improperly just by reaching the end of the chain. If that doesn't identify the problem, I'd try removing all the DROP rules one by one to see which one is doing it. HTH, Jason McCarty -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
