Which firewall: LAMP & Basic Firewall StackScript
iptables does not seem to be set up to block or allow specific ports. ufw is not installed (the ufw command is not found).
The full output from iptables –list is:
# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
DROP all -- zabbix.masterhost.by anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
I use a non-standard port for SSH and somehow it works, but it seems that port 25 is blocked and I cannot find any way to unblock it. I can telnet to localhost port 25 from the local machine but I cannot reach that port from other computers. Some other mechanism seems to be in play, but I don't know what it is.
4 Replies
–
Travis
@randymized:
… I can telnet to localhost port 25 from the local machine but I cannot reach that port from other computers. …
If those "other computers" are in your house, your ISP is probably blocking all outbound port 25 traffic as an anti-spam measure. Try a connection you're sure is unfiltered.
The StackScript did store the firewall configuration in /etc/firewall.conf, but apparently did not assure reloading.
I added the following two lines to /etc/network/interfaces in the eth0 section:
post-up iptables-restore < /etc/firewall.conf
post-down iptables-save > /etc/firewall.conf
I also ran iptables-restore and that appears to have reestablished the original rules.
I don't know of a mechanism for contributing patches to a StackScript, but the post-up and post-down lines seem to be an essential part of what the StackScript should do.