Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 12-09-2003, 03:27 PM   #1
LQ Newbie
Registered: Dec 2003
Posts: 7

Rep: Reputation: 0
Email not working after IPTABLES setup

Well I setup the most basic set of rules for my FW. When I was finished, I tested from my LAN PC, I was able to surf the net and check my email using Outlook. Now after about 40min. I can no longer check my email. Everything else works just fine. And no changes have been made to the FW. What could cause this? It has happened on 2 setups of my iptbales. And they are basic rules. Thanks in advance!
Old 12-09-2003, 03:43 PM   #2
Senior Member
Registered: Feb 2003
Location: The Real Washington
Distribution: Debian, Android
Posts: 1,819

Rep: Reputation: 46
Post your rules (output of iptables -L) and we'll have a look. This kind of stuff happens with Iptables. While it is the greatest firewall software on Earth, it's also very picky.
Old 12-09-2003, 06:30 PM   #3
LQ Newbie
Registered: Dec 2003
Posts: 7

Original Poster
Rep: Reputation: 0
OK well below is my IPTABLE. Like I said very basic, I'm totally new to this. I just tried again and nothing. I can surf the net, ftp, ssh. Just can't get my outlook to contact the mail server. I just hooked my PC to the cable modem without the FW and it worked just fine. But once the FW is back in the loop it fails stil. Once again thanks in advance





iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT
iptables -t nat -F PREROUTING
iptables -t nat -F POSTROUTING

# Kernel guard against SYN flooding
echo 1 > /proc/sys/net/ipv4/tcp_syncookies

# INPUT Rule Set
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $INTIF -m state --state NEW -j ACCEPT
iptables -A INPUT -i lo -m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp --dport 20 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -m limit --limit 3/second --limit-burst 5 -i ! lo -j LOG --log-level 7 --log-prefix "FW_INPUT "
iptables -A INPUT -i ! lo -j DROP

# FORWARD Rule Set
iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
iptables -A FORWARD -i $EXTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -j LOG --log-level 7 --log-prefix "FW_FORWARD "
iptables -P FORWARD DROP

# OUTPUT Rule Set
iptables -A FORWARD -o ! lo -j LOG --log-level 7 --log-prefix "FW_OUTPUT "

# NAT Rule Set
iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

Old 12-09-2003, 08:59 PM   #4
Registered: Jul 2003
Location: Batam
Distribution: Ubuntu 10 And Linux Mint
Posts: 414

Rep: Reputation: 30
Ok in your input rule, try put this :

iptables -A INPUT -p tcp -s 0/0 -d 0/0 --destination-port 25 -j ACCEPT
iptables -A INPUT -p tcp -s 0/0 -d 0/0 --destination-port 110 -j ACCEPT

run the scripts
Old 12-09-2003, 09:21 PM   #5
LQ Newbie
Registered: Dec 2003
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks for the help. I figured out the problem. I had to call up my Cable ISP provider and ask for their POP and SMTP server IP's before it was just set as "pop" and "smtp" in the software. But thanks for the help!


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
email server setup thick_guy_9 Slackware 6 02-17-2005 10:08 AM
How do i setup email alerts? mjpowersjr Linux - Networking 4 11-23-2004 02:10 AM
Email Setup Cynthia Blue Linux - Software 13 11-12-2004 02:19 PM
A few email setup questions.... Mr. Eek Linux - Software 2 11-04-2003 09:35 PM
Help with email server setup..?? dalk Linux - Newbie 0 09-20-2001 11:45 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:14 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration