RE: Iptables can't close port 25 and 110
Is it possible that you are forwading/nating that port?
Take a look at your prerouting table "IPTABLES -L -v -t nat"
Or block that port for forwarding, "IPTABLES -I FORWARD -p
tcp --destination-port 25 -j REJECT"
Another thing, you write "IPTABLES -A INPUT -t tcp --destination-port 25 -j
REJECT"
And the correct sentence should be "IPTABLES -A INPUT -p
tcp --destination-port 25 -j REJECT"
Is that correct?
Matias Lambert
OSInet Telecomunicaciones
Capital Federal - Buenos Aires
Argentina - CA1185ACA
http://www.osinet.com.ar
> -----Mensaje original-----
> De: Raffaele D'Elia [mailto:R.DElia@starcomitalia.com]
> Enviado el: Lunes, 26 de Enero de 2004 12:26 p.m.
> Para: Ronald Laarman; debian-firewall@lists.debian.org
> Asunto: RE: Iptables can't close port 25 and 110
>
>
>
>
> -----Original Message-----
> From: "Ronald Laarman" <ronald@laarman.xs4all.nl>
> To: <debian-firewall@lists.debian.org>
> Cc: <R.DElia@starcomitalia.com>
> Date: Mon, 26 Jan 2004 16:12:04 +0100
> Subject: RE: Iptables can't close port 25 and 110
>
> > I already tried reject, I'll give an example to clarify my problem.
> >
> > Removed all iptable rules an when running a nmap scan (remotely) I get
> > the following output:
> >
> > PORT STATE SERVICE
> > 25/tcp open smtp
> > 80/tcp open http
> > 110/tcp open pop3
> > 199/tcp open smux
> > 3306/tcp open mysql
> >
> > I then inserted the following rules:
> >
> > - IPTABLES -A INPUT -t tcp --destination-port 25 -j REJECT
> > - IPTABLES -A INPUT -t tcp --destination-port 80 -j REJECT
> > - IPTABLES -A INPUT -t tcp --destination-port 199 -j REJECT
> >
> > Did a new scan and nmap returned:
> >
> > PORT STATE SERVICE
> > 25/tcp open smtp
> > 110/tcp open pop3
> > 3306/tcp open mysql
> >
> > So even if I reject port 25, nmap detects it as open. And if I reject
> > port 80, nmap detects it as being closed.
> >
> > Hope this give a better image of my problem.
>
> Ah. OK, it's strange!:)
>
> Hav u tried telnetting to the 25 port? Does exim responds?
>
> I'm curious...
>
> Radel
>
> **************************************************************************
> Questo messaggio puo' contenere informazioni di carattere estremamente
> riservato e confidenziale.
> Qualora non foste i destinatari, vogliate immediatamente informarci
> con lo stesso mezzo ed eliminare il messaggio, con gli eventuali allegati,
> senza trattenerne copia. Qualsivoglia utilizzo non autorizzato del
> contenuto di questo messaggio costituisce violazione dell'obbligo di non
> prendere cognizione della corrispondenza tra altri soggetti, salvo piu'
> grave illecito, ed espone il responsabile alle relative conseguenze civili
> e penali.
>
> This message is being sent from Starcom Italia Srl and may
> contain information which is confidential or privileged. If you are not
> the intended recipient, please advise the sender immediately by reply
> e-mail and delete this message and any attachments without retaining a
> copy. Any unauthorized use of the content of this message is a breach of
> your duty to respect the confidentiality of the correspondence between
> other persons and can expose the responsible party to civil and/or
> criminal penalties, and may constitute a more serious offense.
> **************************************************************************
>
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
BEGIN:VCARD
VERSION:2.1
N:Lambert;Matias;German
FN:Matias Lambert ( OSInet )
ORG:OSInet TeleComunicaciones
TEL;WORK;VOICE:+54 11 4861 5616
TEL;HOME;VOICE:+54 11 4861 5616
TEL;CELL;VOICE:+54 11 (15) 4429 9469
TEL;WORK;FAX:+54 11 4861 5616
TEL;HOME;FAX:+54 11 4861 5616
ADR;WORK:;;Panamá 933 12 E;Capital Federal;Buenos Aires;C1185ACA;Argentina
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Panam=E1 933 12 E=0D=0ACapital Federal, Buenos Aires C1185ACA=0D=0AArgentina
URL;WORK:http://www.osinet.com.ar
EMAIL;PREF;INTERNET:matiaslambert@osinet.com.ar
REV:20030313T150013Z
END:VCARD
Reply to: