Greetings,
I have a weird problem. I had a power interruption today during a
generator install, and when everything came back up afterwards, my XMPP
server (ejabberd) is not receiving any external connections. No
firewall rules changed.
The relevant rules in my Shorewall config are:
Jabberd(ACCEPT) all all
JabberPlain(ACCEPT) all all
JabberSecure(ACCEPT) all all
...
# Jabber (moved to narn)
DNAT net LAN:10.24.32.17
tcp 3478,4560,5222,5223,5269,5280,5347,5444,8010,8888
DNAT net LAN:10.24.32.17
udp 3478
These are the exact same, unchanged rules that were running before the
downtime. A friend ran an nmap scan from outside the firewall:
21:03 < ~Fuzzy_Elf> PORT STATE SERVICE VERSION
21:03 < ~Fuzzy_Elf> 22/tcp closed ssh
21:03 < ~Fuzzy_Elf> 25/tcp open smtp Postfix smtpd
21:03 < ~Fuzzy_Elf> 53/tcp open domain ISC BIND 9.16.37
21:03 < ~Fuzzy_Elf> 80/tcp open http Apache httpd
21:03 < ~Fuzzy_Elf> 443/tcp open ssl/http Apache httpd
21:03 < ~Fuzzy_Elf> 6667/tcp closed irc
21:03 < ~Fuzzy_Elf> Service Info: Hosts: -smtp.caerllewys.net,
www.caerllewys.net
Notably MISSING from this list of open ports is 3478, for starters. If
I LOCALLY nmap the same host, I get:
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
3306/tcp open mysql
5222/tcp open xmpp-client
5269/tcp open xmpp-server
5280/tcp open xmpp-bosh
8888/tcp open sun-answerbook
9000/tcp open cslistener
9102/tcp open jetdirect
9200/tcp open wap-wsp
Note that all the xmpp ports are present as expected.
Can anyone suggest to me why my firewall is apparently ignoring my
instructions to accept and DNAT XMPP traffic?
--
Phil Stracchino
Babylon Communications
ph...@caerllewys.net
p...@co.ordinate.org
Landline: +1.603.293.8485
Mobile: +1.603.998.6958
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users