Re: woody firewall broken? [I was mistaken ]

To: "Bernd Eckenfels" <lists@lina.inka.de>
Cc: <debian-firewall@lists.debian.org>
Subject: Re: woody firewall broken? [I was mistaken ]
From: "Davi Leal" <david.leal@ene.es>
Date: Tue, 16 Jul 2002 13:32:04 +0200
Message-id: <[🔎] 006601c22cbc$6b2732c0$0507e0c2@ene.es>
References: <[🔎] 004e01c22976$38bd3940$0507e0c2@ene.es> <[🔎] 20020712164011.GA3620@lina.inka.de> <[🔎] 004d01c22bd2$da455aa0$0507e0c2@ene.es>

> > On Fri, Jul 12, 2002 at 09:32:05AM +0200, Davi Leal wrote:
> > > I think it is due to the nessus checks that we are getting "Deferring
> > > messages" from the sendmail server; "Deferred: Connection timed out
with
> > > mx.terra.es.". What we know by sure is that using again the old
firewall
> > > the sendmail server works rightly again.
> >
> > Is your new Firewall crashed or not? Have you tried to reboot it? Nessus
> > willl most likely not damage your firewall, so rebooting will be enough.
>
> Yes, I think our new firewall is crashed. Of course I have rebooted the
> sendmail and firewall hosts. However the sendmail shows the same message.
We
> are using now the old one and the sendmail works rightly again.
>
> What happened:
>
> [Day 1] The new firewall (woody, 2.4 kernel, ReiserFS) worked rightly. We
> realized a check connecting from telephone line via our Radius server and
> sent an email rightly. Additionaly we carried out some checks sending
emails
> and checking the email server log. All was OK.

The facts show that we didnt check rightly sending email from the ISP to
outside.


> Well, I will format and reinstall the new firewall again. I am going to do
a
> 'mondo' backup copy before reintalling so as to check via "mondo
difference
> reinstalled" what happened in the firewall.

I realized the 'mondo' backup "mondoarchive -O -c 12 -d 0,0,0" and
reinstalled the new firewall. The differences "mondoarchive -Vc 16" only
shows normal things. Nothing was broken.

We know now what was the trouble. It was needed enable the UDP connection to
the SMTP host. Now it is working rightly. We have checked with and without
this filter. It seems it is needed. Without it we get the "Deferred:
Connection timed out with mx.terra.es" message.

> P.D.: Do you know if sendmail uses only 25/tcp?. /etc/services does not
> shows any 25/udp.

Regards,
Davi Leal



-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- woody firewall broken?
  - From: "Davi Leal" <david.leal@ene.es>
- Re: woody firewall broken?
  - From: Bernd Eckenfels <lists@lina.inka.de>
- Re: woody firewall broken?
  - From: "Davi Leal" <david.leal@ene.es>

Prev by Date: inetd tcpd vsftpd problem
Next by Date: Re: woody firewall broken?
Previous by thread: Re: woody firewall broken?
Next by thread: Re: apache 1.3.23 ipv6 binary
Index(es):
- Date
- Thread