---------- Forwarded message ----------
From: Pál Csányi <[EMAIL PROTECTED]>
Date: 2007.08.02. 17:52
Subject: Re: [Shorewall-users] exim4 behind a firewall
To: Tom Eastep <[EMAIL PROTECTED]>

2007/8/2, Tom Eastep <[EMAIL PROTECTED]>:
> Pál Csányi wrote:
> > DNAT net loc:192.168.1.100 tcp 80
>
> Didn't you want port 25 there rather than 80?

No, this is for my web server, and this works fine: the port is open and answers requests. Try http://csanyi-pal.info . It's still only in Hungarian.

> > Port 25 is still closed from the internet. :(
> >
> > Any advice?
>
> If you have further problems, please see the DNAT debugging tips in
> Shorewall FAQs 1a and 1b.

rules:

DNAT net loc:192.168.1.10-192.168.1.98:25 tcp 25 - 212.200.112.79

I tried now with masq:

ppp0 eth1 212.200.112.79

No success.

I read Shorewall FAQ 1a.
-----------------------------------------
- I'm trying to test from inside my firewall:
  http://wigwam.sztaki.hu/varazslatok/port_teszt.shtml
  It's in Hungarian. You must click on the button "WIGWAM - gyors tűzfalteszt", that is in English "fast firewall test". This site scans your ports and finds out whether the port is open and answers queries.

- on my desktop behind the firewall:

  ifconfig
  eth1      Link encap:Ethernet  HWaddr **:**:**:**:**:**
            inet addr:192.168.1.98  Bcast:192.168.1.255  Mask:255.255.255.0

  eth1 gets its IP address with dhcp-client from the firewall.

  route -n
  Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
  192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
  0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth1

- I asked my ISP to open ports 80 & 25 for me, and he opened these ports for me.

- I'm running Debian GNU/Linux Etch.

I read Shorewall FAQ 1b.
-----------------------------------------
iptables -t nat -Z

With http://wigwam.sztaki.hu/varazslatok/tamadas.shtml I attack my own port 25:

Szimulált támadás szabadon választott porton: PORT: 25 TÁMADJ MEG!
(Simulated attack on a port of your choice: PORT: 25 ATTACK!)

This is a simulated attack on my port 25.

sudo shorewall show nat
...................................
Shorewall-3.2.6 NAT Table at debian-tuzfal - 2007. aug. 2., csütörtök, 17.38.52 CEST
Counters reset 2007. aug. 2., csütörtök, 16.58.56 CEST

Chain net_dnat (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 212.200.112.79 tcp dpt:25 to:192.168.1.10-192.168.1.98:25
..................................

The packet count is zero:
- my ISP doesn't block port 25 for me.
- my firewall has 3 interfaces:
  eth0 (to the internet)
  eth1 (to the subnet)
  ppp0 (pptp-linux for VPN tunnel to my ISP)
  Because I must use pptp-linux to connect to my ISP, for that I use the ppp0 interface. The simulated attack can use only the ppp0 interface to connect to port 25.
- My DNAT rule doesn't match the connection request in some other way.

How can I use tcpdump to further diagnose the problem?

--
Regards,
Paul

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
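The FAQ 1b check that the mail walks through (reset the NAT counters, trigger one connection attempt, re-read `shorewall show nat`) is easy to script so it can be repeated after every attempt. The helper below is an added example and is not part of the original mail or of Shorewall. The NAT-table text is a constructed copy of the output quoted in the mail; the interfaces file (only eth0 bound to the `net` zone) and the function names are assumptions. It reports whether the DNAT rule counted any packets, whether the interface the test traffic arrives on (ppp0 in the mail) is actually in the `net` zone the rule is written for, and prints the tcpdump command to run on that interface. If the capture shows SYNs to port 25 on ppp0 while the counter stays at zero, the rule is not seeing the packet because its zone does not cover that interface; if the capture shows nothing, the packet never reaches the box.

```shell
#!/bin/sh
# Diagnostic helper for the Shorewall FAQ 1b DNAT counter check.
# Added example, not part of the mail or of Shorewall; names are assumptions.

# Constructed copy of the `shorewall show nat` output quoted in the mail.
SAMPLE_NAT='Chain net_dnat (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 212.200.112.79 tcp dpt:25 to:192.168.1.10-192.168.1.98:25'

# Constructed /etc/shorewall/interfaces (ASSUMPTION: only eth0 is in zone net).
SAMPLE_INTERFACES='#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect
loc eth1 detect'

# dnat_pkts NAT_OUTPUT PORT -> packet counter of the DNAT rule for tcp dpt:PORT
# (empty if no such rule is listed).
dnat_pkts() {
    printf '%s\n' "$1" | awk -v port="$2" '
        BEGIN { want = "dpt:" port }
        $3 == "DNAT" {
            for (i = 1; i <= NF; i++) if ($i == want) { print $1; exit }
        }'
}

# zone_of_iface INTERFACES_TEXT IFACE -> zone bound to IFACE, or "none".
zone_of_iface() {
    printf '%s\n' "$1" | awk -v iface="$2" '
        /^#/ { next }
        $2 == iface { print $1; found = 1; exit }
        END { if (!found) print "none" }'
}

# capture_cmd IFACE PORT -> the tcpdump invocation to watch for the test
# connection on the interface it really arrives on.
capture_cmd() {
    printf "tcpdump -n -i %s 'tcp port %s'\n" "$1" "$2"
}

# diagnose NAT_OUTPUT INTERFACES_TEXT PORT INGRESS_IFACE
# Prints: matched            - the DNAT rule saw the packet
#         ingress-not-in-net - packet arrives on an interface outside zone net
#         no-match           - zone is right, so look elsewhere (ISP, rule text)
diagnose() {
    pkts=$(dnat_pkts "$1" "$3")
    zone=$(zone_of_iface "$2" "$4")
    if [ "${pkts:-0}" -gt 0 ]; then
        echo matched
    elif [ "$zone" != "net" ]; then
        echo ingress-not-in-net
    else
        echo no-match
    fi
}

# Usage against the constructed samples (the mail's situation: test via ppp0).
echo "DNAT rule for port 25 counted $(dnat_pkts "$SAMPLE_NAT" 25) packets"
echo "ppp0 is bound to zone: $(zone_of_iface "$SAMPLE_INTERFACES" ppp0)"
echo "diagnosis: $(diagnose "$SAMPLE_NAT" "$SAMPLE_INTERFACES" 25 ppp0)"
echo "next step: $(capture_cmd ppp0 25)"
```

On a live firewall, feed `dnat_pkts` the output of `shorewall show nat` and `zone_of_iface` the real interfaces file, run `iptables -t nat -Z`, trigger the port test, and call `diagnose` again; repeat with the tcpdump command running in another terminal so the counter and the capture can be compared for the same attempt.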
