I have been using firehol to configure iptables for about 2 years now; I REALLY thank you for this as it does make a VERY SECURE firewall; however, for some reason, it has STOPPED opening port 25 for the mail server.
The other services are defined under the same interface as "server web accept" and so on to include "server smtpd accept". I have defined the rules at the top as:
server_imap_ports="tcp/143 tcp/993"
client_imap_ports="any"
server_smtpd_ports="tcp/25"
client_smtpd_ports="any"
Now, imap's ports (along with the other defined services) are opened perfectly! BUT smtpd gets ignored?!?! I have even tried compiling iptables from scratch instead of using the distro RPM.
I have smtp open now but I had to add an iptables rule to firehol.conf:
iptables -I INPUT -p tcp --dport 25 -j ACCEPT
I was originally using "smtp" as the service definition and defining it at the beginning BUT it STILL didn't open the port. The weird part is it was working fine about 4 days ago as is, then just stopped without any configuration changes.
The server running the firewall is ALSO doing NAT'ing; I think I read a post where an iptables module/extension must be loaded for specific services or something if it does NAT but that still doesn't answer the question of why it was working before and just stopped.
I kept wondering why I hadn't received any external mail for a couple days! :)