LinuxQuestions.org
Old 12-10-2002, 02:49 PM   #1
Cynthia Blue
Problem Opening Ports


Hi all, just found your site, a friend recommended it.

I installed Red Hat Linux 8 a couple of weeks ago. Mainly because my W2K server kept getting stop errors, which may or may not have been hardware/software/driver related. Anyway, in addition to replacing the computer, I replaced the OS.

It ran fine for a couple of weeks. Sunday night I got FTP up and running, and, of course, most of my website on it. Monday morning... the ports which were opened changed. Now I think it was actually my DSL/router which had reset overnight and changed the internal IP address of my server (I had not changed the NAT settings on my DSL after putting the new server on... so the old IP address was in effect. After reset, the server has a new IP address). Anyway, not wanting to risk having been cracked, I reinstalled the OS. Which I probably didn't need to do. Instead I needed to look at the ports.

However, it's done. I am still, however, having problems opening the ports. Of course this 2nd install was quick and dirty, I didn't read my book quite as extensively as I did the first time (Red Hat Linux 8 Bible).

I did get the NAT settings right on my DSL, and I'm actually only trying to get the email working at this point, because my server is mainly my email server. I have been checking my ports through Shields UP! (https://grc.com/x/ne.dll?bh0bkyd2). The ports 25, 110, and 80 all went from 'stealth' to 'closed'. I actually did manage to get port 110 open, and I can connect to the server via POP3. I managed this after changing the pop3 file located in .. oh I'm going off memory now because I'm not in front of my server... I think in /etc/xinet.d/pop3.. I changed disable = yes to disable = no. That seemed to get that up.

Oh, I am running Guarddog as my iptables firewall management tool. I have SMTP, POP, AUTH/IDENT, HTTP, DNS.. all open. The same settings I had Sunday night, which worked. However, the port tool still shows 25 closed.. so SMTP is still down.

Any tips on what I would need to do to get port 25 open for SMTP? Is there another configuration file that I need to fiddle with? I've customized the main.cf file... I'm using Postfix as my mail server software. It was working fine before the reinstall, and before the ports were closed... (bashes self on head for reinstalling and not checking the DSL first).

After this I'll work on getting port 80 open again... but 25.. all my email is bouncing, and I just hate that.

Thanks!
Cynthia

Last edited by Cynthia Blue; 12-11-2002 at 09:13 AM.
 
Old 12-10-2002, 06:25 PM   #2
BoldKiller
1- You said the router reset. If it has a firewall (like most routers) it might be blocking the ports.

2- Are you sure your ISP is not blocking the SMTP port? Since you were already running your mail server on that connection I doubt it, but you never know.

That's all I can think of right now. I know it's not a lot but...

P.S. Could you give more details about your iptables configuration?
 
Old 12-10-2002, 06:50 PM   #3
Cynthia Blue
The router is actually my Cisco 675 DSL modem. It acts as a router (or so I believe). I do not think it has a firewall built in.

My ISP isn't blocking port 25.. I was running mail off that port with my W2K server, and with the Linux box prior to Sunday.

As for my iptables... I'm not familiar with how to set it up at all... so I downloaded and am using Guarddog which configures it for me. However, I could give some more detailed information when I get home tonight and can look. It definitely could be a firewall issue. How can I tell if it is...? Disable the firewall entirely and see what ports are open?

Thanks for your reply.
 
Old 12-10-2002, 09:51 PM   #4
Cynthia Blue
You know it has to be that my box is not listening to the correct IP address. POP3 is working and is okay, but that does not need the IP address. HTTPD and SMTP and FTP do. I've disabled all firewalls. But still no port. What settings do I have to make to get the box to hear the IP address?

I've set the eth0 device configuration for my IP address and my domain name. I've added the entry in the hosts file. What in the world am I missing?
 
Old 12-10-2002, 10:20 PM   #5
Tinkster
Just a basic question regarding your setup ...

The DSL-Modem router thing gets an IP-address
from your ISP ... but for the internal network, what do
you use there? I would assume that if the router got
reset it probably tries to talk to some address you're not
using at all?

Or has it got a built-in DHCP server while you are using
a fixed address?

Cheers,
Tink
 
Old 12-11-2002, 09:11 AM   #6
Cynthia Blue
The DSL gets its external IP address assigned by my ISP. It's a static IP address. Then it assigns internal IP addresses to the computers on the internal network. I have to have the settings on my computers in the internal network to get an IP address assigned to them by DHCP, which is how it's set up. If I try to change that to static, I can't connect outward to the internet.

I have to set the NAT in the DSL to hook up the external IP address to the correct internal IP address for the server, which has been done.

Playing with it last night... I opened and closed the NAT table for pop3 a number of times, it closed and opened for me. Also changed the firewall settings for it, same result. The same also happened for ports 25 and 110 except for those I haven't been able to get them 'open'. Only 'stealth' or 'closed'. But I can get the status to change from 'stealth' to 'closed' and back again.

What is a checklist of the things I have to make sure are open for my box to hear the internet:

DSL NAT entries set properly - I believe this is done
firewall set up properly - I believe this is done
eth0 device set up properly - I think this is done, checked it last night
main.cf for httpd set up properly - could be a flaw in here
the other conf file for postfix - could be a flaw in here

Is there ANYTHING ELSE I'd need to check for data to flow back and forth? Any other files I'm missing?

Thanks.

Last edited by Cynthia Blue; 12-11-2002 at 09:12 AM.
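
The 'stealth', 'closed' and 'open' states the thread keeps returning to, as an added example that is not part of any post: a TCP connect probe that tells the three apart and maps each one to the part of the checklist in post #6 it points at. The names `probe`, `NEXT_STEP` and `demo` are hypothetical, and the listener in `demo` is a constructed local test, not the poster's server.

```python
import socket
import sys

# What each result points at, in terms of the checklist from post #6.
NEXT_STEP = {
    "open": "a daemon accepted the connection on this address",
    "closed": "packets reach the host but nothing listens on this address: "
              "check that the daemon runs and which address it is bound to",
    "stealth": "no reply at all: packets are dropped or never forwarded, "
               "check the NAT entry and the iptables rules",
}

def probe(host, port, timeout=3.0):
    """Return 'open', 'closed' or 'stealth' for one TCP port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # three-way handshake completed
    except ConnectionRefusedError:
        return "closed"        # the host answered with a TCP reset
    except socket.timeout:
        return "stealth"       # nothing came back before the timeout
    finally:
        sock.close()

def demo():
    """Constructed test: probe a listener on 127.0.0.1 while up, then after it stops."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))    # port 0: the kernel picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    while_up = probe("127.0.0.1", port)
    listener.close()
    after_stop = probe("127.0.0.1", port)
    return while_up, after_stop

if __name__ == "__main__":
    # Usage: python3 probe.py <address>; checks the three ports from the thread.
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for port in (25, 110, 80):
        state = probe(host, port)
        print(f"{host}:{port} {state} - {NEXT_STEP[state]}")
```

Running it on the server against 127.0.0.1, then from another LAN machine against the server's internal address, then from outside against the public address shows at which hop the result changes. A port that is open on 127.0.0.1 but closed on the internal address with the firewall off means the daemon is bound to the loopback address only.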
 
  

