Dear List,
I have postfix running on RH9 with SMTPS. It works fine. I layered
iptables on the box with rules allowing SMTP AUTH (port 113). When I
disable iptables, smtps works perfectly. When I enable iptables, port
113 is closed (?).
My question is:
Does smtps listen on a different port to 113 and therefore I would want
to open it? If so what is that port?
If not, I am maintaining state and my iptables rule is:
********************************************************
# Incoming Remote Client Requests to Local Servers
if [ "$CONNECTION_TRACKING" = "1" ]; then
    iptables -A INPUT -i $INTERNET -p tcp \
        --sport $UNPRIVPORTS \
        -d $IPADDR --dport 113 \
        -m state --state NEW -j ACCEPT
fi
if [ "$ACCEPT_AUTH" = "1" ]; then
    if [ "$CONNECTION_TRACKING" = "1" ]; then
        iptables -A INPUT -i $INTERNET -p tcp \
            --sport $UNPRIVPORTS \
            -d $IPADDR --dport 113 \
            -m state --state NEW -j ACCEPT
    fi
    iptables -A INPUT -i $INTERNET -p tcp \
        --sport $UNPRIVPORTS \
        -d $IPADDR --dport 113 -j ACCEPT
    iptables -A OUTPUT -o $INTERNET -p tcp ! --syn \
        -s $IPADDR --sport 113 \
        --dport $UNPRIVPORTS -j ACCEPT
else
    iptables -A INPUT -i $INTERNET -p tcp \
        --sport $UNPRIVPORTS \
        -d $IPADDR --dport 113 -j REJECT --reject-with tcp-reset
fi
***********************************************************************
TIA
George