[Cialug] Procmail / Sendmail config pbm
Josh More
MoreJ at alliancetechnologies.net
Tue Apr 5 14:04:06 CDT 2011
Try troubleshooting by commenting out all lines after "-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT" and seeing if it will run the setup without issue. (Note that this may kill your SSH.)
Alternatively, move this file to a backup and use system-config-securitylevel to create a new file from scratch. If that works, your system is fine with regards to iptables and you just have to get the rules right. Add them in one at a time and see which one causes the problem.
Were it me, I would do the latter, as there are a lot of lines that are commented out that may either need that or are commented out for troubleshooting, so it is difficult to identify what it's supposed to be doing.
Josh More | Senior Security Consultant - CISSP, GIAC-GSLC Gold, GIAC-GCIH
Alliance Technologies | www.AllianceTechnologies.net
400 Locust St., Suite 840 | Des Moines, IA 50309
515.245.7701 | 888.387.5670 x7701
Blog: Don't just blame the bad guys, it's your fault too
http://www.alliancetechnologies.net/blogs/morej
How are we doing? Let us know here:
http://www.alliancetechnologies.net/forms/alliance-technologies-feedback-survey
________________________________________
From: cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf of Tim Perdue [cialug at perdue.net]
Sent: Tuesday, April 05, 2011 13:20
To: Central Iowa Linux Users Group
Subject: Re: [Cialug] Procmail / Sendmail config pbm
On 4/5/2011 1:17 PM, Josh More wrote:
> It would help to send us the error and the iptables file.
Here is the file
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#home
-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 22 -m iprange --src-range
67.41.107.185-67.41.107.185 -j ACCEPT
COMMIT
#george
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 22 -m iprange --src-range
209.234.78.30-209.234.78.30 -j ACCEPT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 80 -m iprange --src-range
208.80.193.1-208.80.193.254 -j REJECT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 22 -j REJECT
#COMMIT
##dorgforge
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 25 -m iprange --src-range
213.61.111.6-213.61.111.6 -j REJECT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 25 -m iprange --src-range
129.10.63.129-129.10.63.129 -j REJECT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 25 -j ACCEPT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 443 -j ACCEPT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -p tcp --dport 993 -j ACCEPT
#COMMIT
#-A RH-Firewall-1-INPUT -i eth0 -j REJECT
#COMMIT
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list