
Howto open ports 25 and 110?


I have a proxy server on squid with one network interface (eth0) and an ADSL connection. Internal computers use a certain accounting software which needs ports 25 and 110 to be opened so that they can exchange some data with other PCs outside the LAN. I know that squid cannot do this. I was also told that I should play around with iptables to open these ports. Can you tell me how to do this?
Particularly, could you give me a list of commands that will help open 25 and 110?

Thank you.

You are saying that you want to open ports. I think those are used for SMTP or POP. Well, if you already have a script for the firewall, then add the following lines at the end of your script. If not, then add the following lines at the end of your /etc/rc.d/rc.local. But be sure that those lines will delete any existing rules. You can omit the line I have commented with '#'.

--- Code: ---IPTABLES=/sbin/iptables

$IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 110 -j ACCEPT
--- End code ---

For squid, make an ACL like:

--- Code: ---acl ext_ports port 25 110
http_access allow ext_ports

--- End code ---

I did everything as you wrote, plus I opened port 53 (one of my friends told me to do so), and I even restarted the whole Linux box to make sure the new rules apply. However, I still can't telnet to POP and SMTP servers from inside the LAN. I wrote other iptables commands before. Do I have to delete them first if they are conflicting somehow with the rules that you gave me? Or is there anything else? Please, help me!

Do you have any other script running on your system regarding iptables, such as a firewall? Then show that to me.

Well, not to my knowledge. I did not write any scripts for a firewall regarding iptables. This server was dedicated only to running a proxy server; that's why I configured squid only. You know, I talked to our ISP and they offered me to write the following rules to my rc.local file:

iptables -t nat -F
iptables -t nat -A POSTROUTING -s 192.168.x.x/24 -p tcp --dport 110 -j SNAT --to-source 81.95.x.x
iptables -t nat -A POSTROUTING -s 192.168.x.x/24 -p tcp --dport 25 -j SNAT --to-source 81.95.x.x
sysctl -w net.ipv4.ip_forward=1

where 192.168.x.x is the IP address of my network
and 81.95.x.x is the IP address given to us by our ISP.

And I did put 'em in. However, it did not work. I'm checking with outlook and still cannot connect. Neither can I telnet for example 110 server. Maybe I'm doing something wrong. There has to be some decision. Thank you for your patience.

P.S. do I need to type $ sign in front of the word "iptables", and what does $ sign mean?
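
The NAT rules quoted in the post above, shown together with the FORWARD-chain rules that routed (as opposed to locally delivered) packets are filtered by; this is an added example, not part of the thread. `LAN_NET`, `WAN_IP`, the `DRY_RUN` switch and the function names are assumptions with constructed values, and it assumes the LAN clients use this host as their default gateway.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed values, all constructed:
LAN_NET="${LAN_NET:-192.168.0.0/24}"   # sample LAN range
WAN_IP="${WAN_IP:-203.0.113.10}"       # sample public address (documentation range)
MAIL_PORTS="${MAIL_PORTS:-25 110}"     # SMTP and POP3, as in the thread
DRY_RUN="${DRY_RUN:-1}"                # 1 = print commands, 0 = apply them (needs root)

# Print the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# Accept only decimal TCP port numbers 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

mail_forward_rules() {
    # Validate everything before touching the firewall.
    for p in $MAIL_PORTS; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    # The kernel only routes packets between hosts when forwarding is on.
    run sysctl -w net.ipv4.ip_forward=1
    # Let replies of already-accepted connections back through.
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    for p in $MAIL_PORTS; do
        # Packets passing through the box traverse FORWARD, not INPUT;
        # an explicit ACCEPT is needed when the FORWARD policy is DROP.
        run iptables -A FORWARD -s "$LAN_NET" -p tcp --dport "$p" \
            -m conntrack --ctstate NEW -j ACCEPT
        # Rewrite the private source address to the public one.
        run iptables -t nat -A POSTROUTING -s "$LAN_NET" -p tcp --dport "$p" \
            -j SNAT --to-source "$WAN_IP"
    done
}

mail_forward_rules   # dry run by default: prints the six commands
```

Review the printed commands first; setting `DRY_RUN=0` applies them and requires root.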

