[ILUG] Re: redhat 7.1 fire wall and ipchains

From: gerodonoghue at domain sigma-sl.ie
Date: Wed 27 Jun 2001 - 09:33:42 IST


Under ipchains check each chain from the ip address
             rule Source destination
ipchains -C input -p tcp -s 192.168.1.3 4000 -d 192.168.1.1 25 -i eth0

repeat above for forward and output chain
You must receive back accepted for all three chain rule checks.

A couple of things can do this under TCP Wrappers

Check your /etc/hosts.deny file. There may be a rule as follows in it
ALL: ALL@ALL, PARANOID.

If such a rule exists the IP address must be in the /etc/hosts.allow file
as follows
popd: 192.168.1.1 :ALLOW
smtp: 192.168.1.1 :ALLOW

Also an entry must be made in your /etc/hosts file for each machine
which wishes to connect to these services (This is because the PARANOID rule
will do a DNS lookup to verify the address of the connecting workstation)
Not 100% sure if the above syntax is correct, please verify it in the man
pages or user docs.

Regards Ger

> I have been trying to get access to ports 25 & 110 to test mail, they work
> if I use the local host name but they don't work locally if I use the
> machine's IP address.
> A simple matter of making some IP rules, well so far I've discovered I was
> wrong on the simple bit - can anyone throw some light on my mess??
> I'm thinking I don't actually need to mention I know as much about ipchains,
> rules as I do firewalls - sod all, am willing to learn all though..
>
> thanks
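
An added example, not part of the original post: a simplified model of the name/address consistency test behind the PARANOID wildcard, run against a constructed hosts-format file instead of live lookups. The function names, the sample entries and the first-match lookup behaviour are assumptions made for illustration.

```shell
#!/bin/sh
# Simplified model: reverse-resolve the client address, forward-resolve the
# resulting name, and compare. Real resolvers may return several addresses.

# Constructed sample data in hosts(5) format (not taken from the post).
HOSTS_FILE="${TMPDIR:-/tmp}/paranoid-demo-hosts.$$"
trap 'rm -f "$HOSTS_FILE"' EXIT
cat > "$HOSTS_FILE" <<'EOF'
127.0.0.1     localhost
192.168.1.1   mailhost.example.lan mailhost
192.168.1.3   client3.example.lan client3
192.168.1.9   client3.example.lan   # stale duplicate of an existing name
EOF

# addr_to_name ADDR: first name listed for ADDR (stands in for a reverse lookup).
addr_to_name() {
    awk -v a="$1" '
        { sub(/#.*/, "") }
        $1 == a && NF > 1 { print $2; exit }' "$HOSTS_FILE"
}

# name_to_addr NAME: first address whose line lists NAME (forward lookup).
name_to_addr() {
    awk -v n="$1" '
        { sub(/#.*/, "") }
        { for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }' "$HOSTS_FILE"
}

# classify ADDR prints one of:
#   ok        name and address agree
#   paranoid  the name resolves back to a different address
#   unknown   no name could be found for the address
classify() {
    name=$(addr_to_name "$1")
    [ -n "$name" ] || { echo unknown; return; }
    back=$(name_to_addr "$name")
    if [ "$back" = "$1" ]; then echo ok; else echo paranoid; fi
}

# Walk a few client addresses through the check.
for ip in 192.168.1.1 192.168.1.3 192.168.1.9 10.0.0.7; do
    printf '%-12s %s\n' "$ip" "$(classify "$ip")"
done
```

A host that classifies as anything other than ok is the kind of client a deny rule listing PARANOID (or a catch-all ALL rule) will refuse, which is why a consistent /etc/hosts entry for each client matters on a LAN without reverse DNS.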


