how to allow Outlook through iptables

sreemon
Hello,

I have my system installed with a firewall and Squid. I could not get the mails to my Outlook mailbox.

I have two LAN cards in my Linux box:
1. eth1 is connected to the outside world with a static IP.
2. eth0 is connected to the internal LAN.

I am using Linux 5 Enterprise version with its inbuilt Squid and firewalls.

Can anyone help me to solve the problem?

Thank you

Sreemon
(sreemon@gmail.com)
  • +
    1 Votes
    symon.l

    -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A FORWARD -m state --state NEW -p tcp --dport 25 -j ACCEPT
    -A FORWARD -m state --state NEW -p tcp --dport 110 -j ACCEPT

    If you're still having problems, can you paste the output from
    service iptables status

    +
    1 Votes
    evocage

    # service iptables status

    output is :-

    Table: mangle
    Chain PREROUTING (policy ACCEPT)
    num target prot opt source destination

    Chain INPUT (policy ACCEPT)
    num target prot opt source destination

    Chain FORWARD (policy ACCEPT)
    num target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    num target prot opt source destination

    Chain POSTROUTING (policy ACCEPT)
    num target prot opt source destination

    Table: filter
    Chain INPUT (policy DROP)
    num target prot opt source destination
    1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
    2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
    3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
    5 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
    6 DROP all -- 0.0.0.0/0 0.0.0.0/0
    7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
    8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
    9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
    10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:993
    11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
    12 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    13 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    14 ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 state NEW tcp dpt:21

    Chain FORWARD (policy ACCEPT)
    num target prot opt source destination
    1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
    2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,ESTABLISHED
    4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
    5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
    6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
    7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465

    Chain OUTPUT (policy ACCEPT)
    num target prot opt source destination
    1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
    2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
    3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

    Table: nat
    Chain PREROUTING (policy ACCEPT)
    num target prot opt source destination
    1 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:192.168.1.2:8080
    2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
    3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:192.168.1.2:8080

    Chain POSTROUTING (policy ACCEPT)
    num target prot opt source destination
    1 MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
    2 MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0

    Chain OUTPUT (policy ACCEPT)
    num target prot opt source destination

    I am also unable to use Outlook using XP as a client.
    eth0: external network
    eth2: internal LAN network
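
Added example (not part of the original thread or either poster's code): a Python check that parses `service iptables status` output like the listing above and reports rules that sit after an unconditional ACCEPT/DROP/REJECT in the same chain, since iptables stops at the first terminating rule that matches. The sample listing and the function names `parse` and `shadowed` are constructed for this example.

```python
import re

# Constructed sample in the format printed by `service iptables status`.
SAMPLE = """\
Table: filter
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 DROP all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
"""

CHAIN = re.compile(r"^Chain (\S+) \(policy \S+\)")
RULE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+\S+\s+(\S+)\s+(\S+)\s*(.*)$")
ANY = "0.0.0.0/0"
TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # targets that end chain traversal

def parse(text):
    """Return {(table, chain): [(num, target, unconditional)]} in listing order."""
    chains, table, key = {}, None, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("Table:"):
            table = line.split(":", 1)[1].strip()
        elif m := CHAIN.match(line):
            key = (table, m.group(1))
            chains[key] = []
        elif key and (m := RULE.match(line)):
            num, target, prot, src, dst, extra = m.groups()
            bare = prot == "all" and src == dst == ANY and not extra
            chains[key].append((int(num), target, bare))
    return chains

def shadowed(text):
    """Find rules listed after the first unconditional terminating rule of a chain."""
    # Caveat: without -v the listing hides -i/-o interface matches, so a rule that
    # looks unconditional may be scoped (e.g. to lo); confirm with `iptables -L -n -v`.
    findings = []
    for (table, chain), rules in parse(text).items():
        for i, (num, target, bare) in enumerate(rules):
            if bare and target in TERMINAL:
                later = [n for n, _, _ in rules[i + 1:]]
                if later:
                    findings.append((table, chain, num, target, later))
                break
    return findings
```

In the listing posted above, INPUT rule 2, FORWARD rule 1 and OUTPUT rule 1 have this shape, so the per-port rules after them are worth re-checking against `iptables -L -n -v`.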
