On Wed, 2002-10-09 at 23:30, Anthony Gray wrote:
<snipped>
> Chain INPUT (policy DROP)
> target prot opt source destination
<snipped>
> firewall icmp -- anywhere anywhere
> firewall tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
> firewall udp -- anywhere anywhere

Everything below this in the INPUT chain will never be reached; this catches everything, logs it and drops it.

> ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN

There should be no need to use these flags; in fact I think this will prevent normal traffic to this port which isn't an initial connection.

When you try to telnet in from the machine itself, is it appearing in the logs with a source address of 127.0.0.1 or the network IP (which is not explicitly "unblocked" due to a failure to resolve the name)?

Cheers,
Malcolm V.
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
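
Added example, not part of the original message or the poster's ruleset: a Python check for the ordering problem the reply points out, where a catch-all jump placed above ACCEPT rules keeps them from ever matching. The listing is constructed, and treating the user-defined `firewall` chain as one that drops everything sent to it is an assumption taken from the reply's description; rules are compared by their `iptables -L` text only.

```python
# Constructed sample in `iptables -L` format (not the poster's full ruleset).
LISTING = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  localhost            anywhere
firewall   icmp --  anywhere             anywhere
firewall   tcp  --  anywhere             anywhere            tcp flags:SYN,RST,ACK/SYN
firewall   udp  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp flags:SYN,RST,ACK/SYN
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
"""

BUILTIN_TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse_rules(listing):
    """Return (target, prot, source, dest, match-token set) per rule line."""
    rules = []
    for line in listing.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5 or fields[0] in ("Chain", "target"):
            continue  # skip the chain header and the column header
        extras = frozenset(fields[5].split()) if len(fields) > 5 else frozenset()
        rules.append((fields[0], fields[1], fields[3], fields[4], extras))
    return rules

def covers(early, late):
    """True if every packet matching `late` also matches `early` (text comparison)."""
    _, e_prot, e_src, e_dst, e_extra = early
    _, l_prot, l_src, l_dst, l_extra = late
    return (e_prot in ("all", l_prot)
            and e_src in ("anywhere", l_src)
            and e_dst in ("anywhere", l_dst)
            and e_extra <= l_extra)  # fewer match conditions = broader rule

def shadowed_rules(listing, terminal_chains=()):
    """(shadowed, shadowing) 0-based pairs; terminal_chains = user chains assumed to drop all."""
    terminal = BUILTIN_TERMINAL | set(terminal_chains)
    rules = parse_rules(listing)
    found = []
    for j, late in enumerate(rules):
        for i in range(j):
            if rules[i][0] in terminal and covers(rules[i], late):
                found.append((j, i))
                break
    return found

if __name__ == "__main__":
    for j, i in shadowed_rules(LISTING, terminal_chains=["firewall"]):
        print(f"rule {j + 1} is never reached: rule {i + 1} matches first")
```

A rule is reported only when an earlier terminal rule matches at least everything it does, so moving the reported ACCEPT lines above the catch-all clears the report.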