LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-04-2005, 09:01 AM   #1
jgnasser
Member
 
Registered: Feb 2004
Location: Kenya
Distribution: Red Hat
Posts: 57

Rep: Reputation: 15
Routing problems


I'm running FC2 on a hp proliant server. This server has 2 network interfaces eth0 (for local network - has dhcp) and eth1 (for connecting to internet via a VSAT router). I have iptables configured for firewall and masquerading and the server runs dhcp on eth0. All has been well until a few days ago that clients cannot connect to external mail servers yet the server can connect to them. What could be the problem? When I attempt to telnet ports 25 or 110 from the client machines I get the error:

C:\>telnet pop.africaonline.co.ke 25
Connecting To pop.africaonline.co.ke...Could not open a connection to host on port 25 : Connect failed

I include my iptables and dhcp configuration:

Iptables:

:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]

-A PREROUTING -p tcp -m tcp -i eth0 --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -p icmp -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --dport 161 -j ACCEPT
-A INPUT -j LOGDROP

# Allow Browsing
-A FORWARD -p tcp -m tcp --dport www -j ACCEPT
-A FORWARD -p tcp -m tcp --dport https -j ACCEPT

# Allow Mail
-A FORWARD -p tcp -m tcp --dport smtp -j ACCEPT
-A FORWARD -p tcp -m tcp --dport pop3 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport imap -j ACCEPT

# Allow DNS Queries
-A FORWARD -p udp -m udp --dport domain -j ACCEPT

# Allow UCDavis Proxy
-A FORWARD -p tcp -m tcp --dport 3128 -j ACCEPT

# allow Traffic from above request back
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

-A FORWARD -j LOGDROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o eth1 -j ACCEPT
-A OUTPUT -d 0.0.0.0/0.0.0.0 -o eth1 -j ACCEPT
-A OUTPUT -j LOGDROP
-A LOGDROP -j LOG --log-level info
-A LOGDROP -j DROP
COMMIT
*mangle
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT



dhcpd.conf:

server-identifier localserver.org;
option domain-name "local.org";
option domain-name-servers 192.168.0.9,195.202.64.1,195.202.64.2,198.6.1.1;
option routers 192.168.0.9;
option subnet-mask 255.255.255.0;
max-lease-time 144000;
default-lease-time 144000;

shared-network MRC {
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.100 192.168.0.220;
}
}
ddns-update-style ad-hoc;
ddns-updates on;
 
Old 04-04-2005, 09:24 AM   #2
peter_mclein
LQ Newbie
 
Registered: Mar 2005
Posts: 3

Rep: Reputation: 0
look for the services status.

#chkconfig --list telnet

if this ervice is off and you want to change this service:

chkconfig telnet on
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Having problems routing between two interfaces... stakhous Linux - Networking 8 12-05-2004 06:10 PM
routing problems hakiro Linux - Networking 4 07-20-2004 09:50 AM
linux routing problems gabell27 Linux - Networking 2 04-26-2004 02:38 PM
Routing problems luky2k Linux - Networking 7 11-21-2003 08:21 AM
Routing problems??? bfloeagle Linux - Networking 6 03-26-2003 02:04 PM


All times are GMT -5. The time now is 05:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration