How to open ports 25 and 110?

Timur:
I have a proxy server running Squid with one network interface (eth0) and an ADSL connection. Internal computers use certain accounting software which needs ports 25 and 110 to be opened so that they can exchange some data with other PCs outside the LAN. I know that Squid cannot do this. I was also told that I should play around with iptables to open these ports. Can you tell me how to do this?
In particular, could you give me a list of commands that will help open 25 and 110?

Thank you.

Ricky:
You are saying that you want to open ports.. I think those are used for SMTP or POP.. Well, if you already have a firewall script, then add the following lines at the end of your script.. If not, then add the following lines at the end of your /etc/rc.d/rc.local.. But be sure that those lines will delete any existing rules.. you can omit the line I have commented with '#'.

--- Code: ---
IPTABLES=/sbin/iptables

$IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 110 -j ACCEPT
--- End code ---

For Squid.. make an ACL like..

--- Code: ---
acl ext_ports port 25 110
http_access allow ext_ports
--- End code ---

Timur:
I did everything as you wrote, plus I opened port 53 (one of my friends told me to do so), and I even restarted the whole Linux box to make sure the new rules apply. However, I still can't telnet to POP and SMTP servers from inside the LAN. I wrote other iptables commands before. Do I have to delete them first if they somehow conflict with the rules that you gave me? Or is there anything else? Please help me!

Ricky:
Do you have any other script regarding iptables running on your system.. such as a firewall... If so, show it to me..

Timur:
Well, not to my knowledge. I did not write any firewall scripts for iptables. This server was dedicated only to running the proxy server, which is why I configured only Squid. You know, I talked to our ISP and they suggested that I write the following rules to my rc.local file:

iptables -t nat -F
iptables -t nat -A POSTROUTING -s 192.168.x.x/24 -p tcp --dport 110 -j SNAT --to-source 81.95.x.x
iptables -t nat -A POSTROUTING -s 192.168.x.x/24 -p tcp --dport 25 -j SNAT --to-source 81.95.x.x
sysctl -w net.ipv4.ip_forward=1

where 192.168.x.x is the IP address of my network
and 81.95.x.x is the IP address given to us by our ISP.

And I did put 'em in. However, it did not work. I'm checking with Outlook and still cannot connect. Neither can I telnet to, for example, the pop.mail.ru 110 server. Maybe I'm doing something wrong. There has to be some decision. Thank you for your patience.

P.S. Do I need to type the $ sign in front of the word "iptables", and what does the $ sign mean?
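
Added example, not part of the original thread and not any poster's code: a rough shell check of `iptables-save` output for the three things a LAN client needs in order to reach an outside TCP port through a Linux gateway (kernel forwarding, a filter FORWARD accept, and a nat POSTROUTING translation). The `check_port` function, the `SAMPLE_RULES` ruleset and the addresses 192.168.0.0/24 and 203.0.113.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example: rough audit of `iptables-save` output for a NAT gateway.
# Simplifications: rule order, interfaces and source matches are ignored, and
# only FORWARD rules that name the port explicitly are counted.

# Constructed ruleset (not the poster's real one); addresses are placeholders.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/24 -p tcp -m tcp --dport 110 -j SNAT --to-source 203.0.113.10
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A FORWARD -s 192.168.0.0/24 -p tcp -m tcp --dport 110 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

# check_port RULES IP_FORWARD PORT
# Prints a verdict; returns 0 only if LAN traffic to tcp/PORT can be routed
# (ip_forward), passed (filter FORWARD) and source-translated (nat POSTROUTING).
check_port() {
    printf '%s\n' "$1" | awk -v ipf="$2" -v port="$3" '
        function hits(rule) {
            return rule ~ /-p tcp / && rule ~ ("--dport " port "( |$)")
        }
        /^[*]/ { table = substr($0, 2) }   # "*nat", "*filter": start of a table
        table == "nat" && /^-A POSTROUTING / && /-j (SNAT|MASQUERADE)/ &&
            (!/--dport / || hits($0)) { nat = 1 }
        table == "filter" && /^:FORWARD ACCEPT / { fwd = 1 }
        # INPUT rules are skipped on purpose: INPUT only sees packets addressed
        # to the gateway itself, not connections it forwards for LAN clients.
        table == "filter" && /^-A FORWARD / && /-j ACCEPT/ && hits($0) { fwd = 1 }
        END {
            if (ipf != 1) { print "blocked: net.ipv4.ip_forward is not 1"; exit 1 }
            if (!nat) { print "blocked: no SNAT/MASQUERADE rule covers tcp/" port; exit 1 }
            if (!fwd) { print "blocked: filter FORWARD does not accept tcp/" port; exit 1 }
            print "ok: tcp/" port " is forwarded and source-NATed"
        }'
}

# On a live gateway (as root), feed it the real state instead:
#   check_port "$(iptables-save)" "$(sysctl -n net.ipv4.ip_forward)" 110
for p in 25 110; do check_port "$SAMPLE_RULES" 1 "$p" || true; done
```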
