LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-08-2014, 12:32 AM   #1
Arun Kurian
LQ Newbie
 
Registered: Oct 2013
Posts: 23

Rep: Reputation: Disabled
Port 25 blocked by IPtables


Hi,

I am facing an issue with iptables. My SMTP port 25 is been blocked by iptables most of the time. Although I tried to whitelist the port it has no effect.

#iptables-save | grep 25
-A OUTPUT -o lo -p tcp -m tcp --dport 25 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -j DROP


I could see an ACCEPT and DENY rule. As we remove the DENY the mails will be functional again, but after some time the port is been blocked again. We use postfix for our mail server and we also have CSF installed in it. We also tried using port 26. Still no luck. How could I resolve this issue permanently? Any clue ?
 
Old 04-08-2014, 01:35 AM   #2
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,272

Rep: Reputation: 148Reputation: 148
post the iptables output then people can help you...
Quote:
iptables -nL
INPUT chain is the most important because usually need to filter-out the incoming traffic's.
OUTPUT chain is handling the outgoing traffic from your server. so mostly i don't filter it.
 
Old 04-08-2014, 04:03 AM   #3
Arun Kurian
LQ Newbie
 
Registered: Oct 2013
Posts: 23

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by kirukan View Post
post the iptables output then people can help you...
INPUT chain is the most important because usually need to filter-out the incoming traffic's.
OUTPUT chain is handling the outgoing traffic from your server. so mostly i don't filter it.
Result of #iptables -L -n | grep 25 is as follows :

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 owner GID match 41
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 owner GID match 12
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 owner UID match 0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
 
Old 04-08-2014, 04:06 AM   #4
descendant_command
Senior Member
 
Registered: Mar 2012
Posts: 1,380

Rep: Reputation: 353Reputation: 353Reputation: 353Reputation: 353
That's nice dear...
...and also mostly redundant and duplicated.

Now post the rest too as that is where the problem is (if that IS actually the problem).

Last edited by descendant_command; 04-08-2014 at 04:07 AM.
 
Old 04-17-2014, 01:19 AM   #5
Arun Kurian
LQ Newbie
 
Registered: Oct 2013
Posts: 23

Original Poster
Rep: Reputation: Disabled
I had set SMTP Blocking in the csf.conf to 1.
Would that be the cause?
How could I sort the root cause from the logs? Which log files should I check on.

SMTP_BLOCK = "1"
 
  


Reply

Tags
csf, iptables, port blocking, port25, smtp


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SFTP server port blocked on Uni network, need to change the listening port. sammyboy161 Linux - Newbie 2 10-21-2010 01:03 PM
[SOLVED] iptables: port 53 blocked but server resolve DNS query n03x3c Linux - Security 9 06-29-2010 11:19 AM
Iptables - port forwarding to blocked port? spangberg Linux - Networking 2 03-26-2010 05:48 AM
I blocked SSH 22 port with IPtables seryi Linux - General 7 02-02-2010 08:43 PM


All times are GMT -5. The time now is 01:47 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration