LinuxQuestions.org

spam4scott 07-14-2003 03:39 AM

"connection refused" on port 993, when not coming from localhost
 
Hi.
I have pretty much a default installation of Redhat 8.0. I'm trying to enable secure imap but I seem to get a "connection refused" whenever I try to come in from anywhere other than localhost. I'm not aware of any firewall settings and my hosts.deny and hosts.allow are empty. I can connect to a bunch of other ports (e.g. 80, 22, 25) but not 993 (or 143; I haven't even bothered with regular imap). A bit more info:

"netstat -nl" produces output including the line
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN

$ more /etc/xinetd.d/imaps
# default: off
# description: The IMAPS service allows remote users to access their mail \
# using an IMAP client with SSL support such as Netscape \
# Communicator or fetchmail.
service imaps
{
        disable = no
        socket_type = stream
        wait = no
        user = root
        server = /usr/sbin/imapd
        log_on_success += HOST DURATION
        log_on_failure += HOST
}

If I go to my Redhat Services Configuration, it shows imaps as being "Currently running at Runlevel 5". I have run "/etc/init.d/xinetd restart" several times....

My /etc/xinetd.conf file is the usual one, specifying 993 as the imaps (tcp) port. I've created ssl certificates, yadda yadda yadda, but I still can't connect to port 993!! :-( Like I said, I *don't* have a firewall.
I had a problem earlier with sendmail, e.g. that sendmail would by default refuse all connections on port 25 that were not coming from localhost. Is there some similar default that I need to disable for port 993?

What to do?
Thanks.

spam4scott 07-14-2003 04:15 AM

Solved; I think.
Apparently I had iptables running. Is this a default with Redhat 8.0? I ran "service iptables stop" and now I can connect to port 993 from outside (and thus get my email)!

Follow-up question: Has disabling iptables now opened some gaping security hole in my system?
(I really don't even know what a "chain" is, so I found "man iptables" rather hard to understand.)


Thanks.
-Scott

gruger 07-14-2003 06:35 AM

You can try the following to configure your iptables.

Use this command to see the tables:

iptables -L --> to get a list

To insert a rule try
iptables -A INPUT -p tcp --dport 993 -j ACCEPT

To delete a rule use
iptables -D INPUT [rulenumber or rulename]

To save type

iptables-save > /etc/sysconfig/iptables ( for example )

and to restore

iptables-restore < /etc/sysconfig/iptables ( for example )


Hope this helps .... Cheers
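
Added example, not part of the thread: iptables checks a chain's rules from top to bottom and the first matching ACCEPT, DROP or REJECT decides, so where a port 993 rule sits matters as much as whether it exists. The sketch below walks a dump in the format `iptables-save` writes and reports which rule decides a remote TCP connection to a port; the function names, the sample ruleset and the simplified matching are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Simplified model: only -i, -p, --dport
# and -j are interpreted; user-defined chains and other matches are not followed.

# verdict_for_port CHAIN PORT: reads an iptables-save dump on stdin and prints
# "<TARGET> <rule position>" for a new TCP connection from a remote host,
# or "<POLICY> policy" when no ACCEPT/DROP/REJECT rule matched.
verdict_for_port() {
    awk -v chain="$1" -v port="$2" '
        $1 == (":" chain) { policy = $2; next }     # e.g. ":INPUT ACCEPT [0:0]"
        $1 == "-A" && $2 == chain {
            n++
            iface = ""; proto = ""; dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-i")      iface  = $(i + 1)
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (iface == "lo") next                  # remote traffic never arrives on lo
            if (proto != "" && proto != "tcp" && proto != "all") next
            if (dport != "" && dport != port) next
            # First matching terminating target decides; later rules are never reached
            if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
                print target, n; found = 1; exit
            }
        }
        END { if (!found) print policy, "policy" }
    '
}

# Constructed sample dump. $1 = "append" (rule added with -A, lands last)
# or "insert" (rule placed ahead of the blanket REJECT, e.g. with -I).
sample_rules() {
    opened='-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT'
    echo '*filter'
    echo ':INPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'
    if [ "$1" = insert ]; then echo "$opened"; fi
    echo '-A INPUT -p tcp -j REJECT --reject-with icmp-port-unreachable'
    if [ "$1" = append ]; then echo "$opened"; fi
    echo 'COMMIT'
}

sample_rules append | verdict_for_port INPUT 993   # REJECT 3
sample_rules insert | verdict_for_port INPUT 993   # ACCEPT 3
```

On a real host the same function can be fed the file written by `iptables-save`; a REJECT or DROP verdict for 993 there means the ACCEPT rule was added below a broader blocking rule.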


All times are GMT -5.