I can get to ww.gmx.de, just the pop doesnt work.
Everything looks fine in tcpdump, unfortunatelly, it wont tell me if it
denys my packet or not?
Does it?
Spiekey
----- Original Message -----
From: "Joerg Trowski"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi!
Do you have any problems to reach some homepages (e.g. GMX)? So if, it's not a setup-problem of your firewall. If not ignore this mail ;-0
Joerg
-----Original Message----- From: spiekey [mailto:spiekey@hotmail.com] Sent: Wednesday, February 27, 2002 2:56 PM To: suse-security@suse.com Subject: [suse-security] iptables - pop
Hello! For some reason i can´t get my mail from my gmx pop account, this is my IPTABLES script:
---SNIP---
#Default DROP policy. I set the other eth+ on Accept, to make sure its not their fault! iptables -P INPUT DROP iptables -P FORWARD ACCEPT iptables -P OUTPUT DROP
IFACE="ppp0"
---SNIP---
# POP # Allow POP, i tried everything to get is workins, as u can see ;) iptables -A INPUT -i $IFACE -p tcp --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o $IFACE -p tcp --sport 110 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i $IFACE -p tcp --dport pop3 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o $IFACE -p tcp --sport pop3 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i $IFACE -p udp --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o $IFACE -p udp --sport 110 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i $IFACE -p udp --dport pop3 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o $IFACE -p udp --sport pop3 -m state --state NEW,ESTABLISHED -j ACCEPT
---SNIP---
Anyone any idea what i did wrong?
Cheers, Spiekey
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com
iQA/AwUBPHz3K5SHm0LcQT0JEQKvTACguPVmUqkdz6Xd0TDthHUtqBCqsZUAoMwx H6mhcAi7JdtRUBaevu8+7j26 =yTbV -----END PGP SIGNATURE-----
On Wednesday, 27. February 2002 16:32, spiekey wrote:
I can get to ww.gmx.de, just the pop doesnt work. Everything looks fine in tcpdump, unfortunatelly, it wont tell me if it denys my packet or not? Does it?
No, it doesn't. But maybe you're having a different problem - a friend of mine wasn't able to get mails from GMX after he got DSL. (Other providers worked well.) This had something to do with the MTU and could be solved by an iptables-rule. (I can't remember the exact syntax, but searching google for "clamp mss to" will help I bet.) Bjoern
participants (2)
-
Bjoern Engels
-
spiekey