Hello everyone,
I have some sort of problem with my firewall (iptables).
Our local network shows up on our internet IMAP server.

local LAN <-> firewalled router <-> internet
                      |
                 mail-server

Here is some iptables info.
eth1 and eth2 are local LANs, eth0 is the network interface connected to the internet.
I use a masquerade rule to cover up the local LAN IPs,
but as you see in the iptables log, the IPs of the local LAN still show up???
It's only for the IMAP service, other ports don't have this problem???
How is this possible??? I thought I had a normal, good firewall script?
---iptables log--------------------------
From 192.168.9.93 - 6 packets
To 81.112.2.23 - 6 packets
Service: imap2 (tcp/143) ([IPTABLES DROP] - 6 packets

From 192.168.9.151 - 6 packets
To 81.112.2.23 - 6 packets
Service: imap2 (tcp/143) ([IPTABLES DROP] - 6 packets
-----------------------------------------
#!/bin/bash
# Flush all rules and delete user-defined chains in the filter and nat tables
iptables -F
iptables -t nat -F
iptables --delete-chain
iptables --table nat --delete-chain
# Kernel settings: enable routing between interfaces, ignore broadcast pings,
# refuse source-routed packets and ICMP redirects
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
#####################
# Default policies: drop everything coming in or being forwarded, allow all outgoing
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# (disabled) drop packets the connection tracker considers INVALID
#iptables -A INPUT -m state --state INVALID -j DROP
#iptables -A FORWARD -m state --state INVALID -j DROP
#iptables -A OUTPUT -m state --state INVALID -j DROP
# Loopback traffic is always allowed
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Forward traffic between each local LAN and the internet interface, both directions
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
# The router itself accepts anything from the local LANs, but from the internet
# only replies to connections it already knows about
iptables -A INPUT -i eth1 -j ACCEPT
iptables -A INPUT -i eth2 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Masquerade everything that leaves via eth0 behind the router's public address
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#####################
(PS: the IPs are fingered!!)
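The posted ruleset, modelled as an added example (this is not code from the original post; `WAN_IP` and the packets are constructed placeholders): it walks a forwarded packet through the FORWARD chain and only then through nat POSTROUTING, the order netfilter uses, which is why anything logged or dropped in FORWARD still carries the private source address. It also covers the LAN-to-other-LAN-through-the-router case, which the posted rules neither accept nor masquerade.

```python
"""Toy model of the netfilter path for the ruleset above (added example).
MASQUERADE lives in nat POSTROUTING, which runs after FORWARD filtering,
so a forwarded packet is still carrying its private source address at the
moment a FORWARD rule or the FORWARD policy logs or drops it."""
from dataclasses import dataclass, replace

WAN = "eth0"
LANS = {"eth1", "eth2"}
WAN_IP = "203.0.113.1"  # constructed placeholder for the router's public address


@dataclass(frozen=True)
class Packet:
    iif: str    # interface the packet arrived on
    oif: str    # interface routing picked for it
    src: str
    dst: str
    dport: int
    proto: str = "tcp"


def forward_chain(pkt: Packet) -> str:
    """Mirror of the posted FORWARD rules: LAN<->eth0 accepted, policy DROP."""
    if pkt.iif in LANS and pkt.oif == WAN:
        return "ACCEPT"
    if pkt.iif == WAN and pkt.oif in LANS:
        return "ACCEPT"
    return "DROP"  # default policy; LAN-to-LAN via the router ends up here


def postrouting_nat(pkt: Packet) -> Packet:
    """iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE"""
    if pkt.oif == WAN:
        return replace(pkt, src=WAN_IP)
    return pkt  # traffic leaving on a LAN interface is never rewritten


def traverse(pkt: Packet, log: list) -> "Packet | None":
    """FORWARD first, then nat POSTROUTING; `log` records what a LOG target
    placed in FORWARD would see for this packet."""
    verdict = forward_chain(pkt)
    log.append(f"FORWARD {verdict} src={pkt.src} dst={pkt.dst} "
               f"dport={pkt.dport} in={pkt.iif} out={pkt.oif}")
    if verdict != "ACCEPT":
        return None  # dropped before NAT could ever touch it
    return postrouting_nat(pkt)
```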