Hi

I have an email server 192.168.1.254.

We have a new leased line connection between sites.

Remote site gets dhcp from router, - range 192.168.2.0.

The Linux email server is rejecting the 192.168.2 addresses giving an error of

Apr 7 12:41:35 kernel: Packet log: input REJECT eth0 PROTO=6 192.168.2.8
:1031 192.168.1.254:110 L=48 S=0x00 I=1246 F=0x4000 T=126 SYN (#35)

I have added these lines to rc.firewall

/sbin/ipchains -A input -j ACCEPT -p tcp -s 192.168.2.0/255.255.255.0 25 -l
/sbin/ipchains -A input -j ACCEPT -p tcp -s 192.168.2.0/255.255.255.0 110 -l
/sbin/ipchains -A input -j ACCEPT -s 192.168.2.0/255.255.255.0 -l

but still not working.

This is the part of the result of ipchain --list | grep 192

ACCEPT all ------ 192.168.1.0/24 anywhere n/a
REJECT all ----l- 192.168.1.0/24 anywhere n/a
ACCEPT tcp ----l- 192.168.2.0/24 anywhere smtp -> any

ACCEPT tcp ----l- 192.168.2.0/24 anywhere pop3 -> any

ACCEPT all ----l- 192.168.2.0/24 anywhere n/a

What are those -l at the end of the rules you added?

What is the default policy?

Are there no -i eth0 or -p tcp rules above that would match the packet?