yz6x
September 24th, 2005, 02:10 AM
The environment:
- inet -> adsl modem (in bridge mode) -> router -> hub -> 2 PCs
1 machine is Ubuntu 5.0.4 tested with 2 kernels (2.6.10-5-686-smp and 2.6.10-5-386, it's a dual CPU machine)
2. other machine WinXP
Short version:
Port 25 closed for requests not coming from the machine's subnet.
Long version:
I've set up the Ubuntu server with apache2 and postfix.
Postfix listens on all interfaces - local loopback and eth0, both ipv4 & ipv6
Firewall is on the router with port forwarding for ports 25 and 80
to Ubuntu server.
I can send outgoing mail without problems, but it doesn't work the
other way around. Anyone trying to connect from outside gets
'port 25 connection refused' .
- Firstly I thought it was the isp blocking port 25 - checked with them and they said they don't
- I've redirected port 25 to WinXP machine and Ethereal shows incoming
SYN packet from outside to the port 25
- I've looked into the router's incoming log file and incoming smtp packet is there
- I checked Postfix for inet_interfaces etc. and it is ok
- Then I've stopped the Postfix and started Apache listening on port 25
- Again nothing ... I've then tested each and every port from 20 to 80
with apache listening on them, and I can connect to each one of them
except to the port 25.
- So it's the iptables you fool! No it's not - that was the first thing I checked
- I've tried putting the Ubuntu box in DMZ and nothing
- I've ran tethereal and tcpdump and there is nothing coming to the port 25 from the outside world (192.x.x.x network connects fine).
However (aha!), if I telnet using either external or internal ip address from the
WinXP box to port 25, then I am getting response and tcpdump clearly shows
incoming packets on port 25.
So you would say it is router or hub. Well, I tried:
- connecting the Ubuntu box directly to the router (didn't budge at all)
- changing the ip address several times
I would really appreciate any useful suggestion.
TIA...
- inet -> adsl modem (in bridge mode) -> router -> hub -> 2 PCs
1 machine is Ubuntu 5.0.4 tested with 2 kernels (2.6.10-5-686-smp and 2.6.10-5-386, it's a dual CPU machine)
2. other machine WinXP
Short version:
Port 25 closed for requests not coming from the machine's subnet.
Long version:
I've set up the Ubuntu server with apache2 and postfix.
Postfix listens on all interfaces - local loopback and eth0, both ipv4 & ipv6
Firewall is on the router with port forwarding for ports 25 and 80
to Ubuntu server.
I can send outgoing mail without problems, but it doesn't work the
other way around. Anyone trying to connect from outside gets
'port 25 connection refused' .
- Firstly I thought it was the isp blocking port 25 - checked with them and they said they don't
- I've redirected port 25 to WinXP machine and Ethereal shows incoming
SYN packet from outside to the port 25
- I've looked into the router's incoming log file and incoming smtp packet is there
- I checked Postfix for inet_interfaces etc. and it is ok
- Then I've stopped the Postfix and started Apache listening on port 25
- Again nothing ... I've then tested each and every port from 20 to 80
with apache listening on them, and I can connect to each one of them
except to the port 25.
- So it's the iptables you fool! No it's not - that was the first thing I checked
- I've tried putting the Ubuntu box in DMZ and nothing
- I've ran tethereal and tcpdump and there is nothing coming to the port 25 from the outside world (192.x.x.x network connects fine).
However (aha!), if I telnet using either external or internal ip address from the
WinXP box to port 25, then I am getting response and tcpdump clearly shows
incoming packets on port 25.
So you would say it is router or hub. Well, I tried:
- connecting the Ubuntu box directly to the router (didn't budge at all)
- changing the ip address several times
I would really appreciate any useful suggestion.
TIA...