Kare -
The script works fine (replaces the original file) but now when restarting the services this is what i get (see log below). There is not mention of 'PREROUTING' and using an online port scanning, the port 10025 becomes open/active. I've uninstall the modified file for the time being, which brings back the 'PREROUTING' line in the log and closes port 10025 in the Red IF. Any idea? i have backed-up Copfilter, uninstalled, re-installed, and restored and still does the same thing.
*******************************************************************************************************
Restarting proxmstpd..
sent a HUP signal to monit waiting 1 second(s) proxsmtpd killed
waiting 1 second(s)
removing firewall rules
proxsmtpd is not running
No firewall rules active, proxsmtp mail filtering not active
Iptables firewall rules active:
Configured with MAIL Server on network: GREEN
SMTP Traffic Scanning enabled on RED: eth1
starting proxsmtpd
waiting 1 second(s)
proxsmtpd is running with PID 7131
Iptables firewall rules active:
Table: filter Chain: INPUT 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10025
Table: nat Chain: OUTPUT 0 0 DNAT tcp -- * * xx.xxx.xxx.xxx xx.xxx.xxx.xxx tcp dpt:26 to:192.168.x.x:25
Table: nat Chain: POSTROUTING 0 0 SNAT tcp -- * * 192.168.x.x/24 192.168.x.x tcp dpt:26 to:192.168.x.x
proxsmtp service not showing as ON or OFF
13 posts
• Page 2 of 2 • 1, 2
Re: proxsmtp service not showing as ON or OFF
by xsys2001 » 05 Mar 2010 23:33
- xsys2001
- Posts: 11
- Joined: 02 Mar 2010 21:08
Re: proxsmtp service not showing as ON or OFF
by karesmakro » 06 Mar 2010 00:20
Hi Sean H!
As I said in pm, at this moment I have no testmachine!
I'm sorry, I overlooked an iptable ruleset.
Please try again and report.
Normally this should do the job
http://www.it-connect-unix.de/copfilter/proxsmtp_portchange_II.tar.gz
md5sum: 965d83968d2d47d0f7197e5f9fd67eeb
and this is my output:
where 10.1.1.20 is my internal network.
If this will not work, can you please post me a short overview about your network configuration?
This would be great!
(could you please use code tags for output, this is easier to read
)
karesmakro
As I said in pm, at this moment I have no testmachine!
I'm sorry, I overlooked an iptable ruleset.
Please try again and report.
Normally this should do the job
http://www.it-connect-unix.de/copfilter/proxsmtp_portchange_II.tar.gz
md5sum: 965d83968d2d47d0f7197e5f9fd67eeb
and this is my output:
- Code: Select all
SMTP Traffic Scanning enabled on GREEN: eth0
SMTP Traffic Scanning enabled on RED: eth1
starting proxsmtpd
waiting 1 second(s)
proxsmtpd is running with PID 1903
Iptables firewall rules active:
Table: nat Chain: PREROUTING 0 0 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 redir ports 10025
Table: nat Chain: PREROUTING 0 0 REDIRECT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 redir ports 10025
Table: filter Chain: INPUT 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10025
Table: nat Chain: OUTPUT 0 0 DNAT tcp -- * * 192.168.60.173 192.168.60.173 tcp dpt:26 to:192.168.60.100:26
Table: nat Chain: POSTROUTING 0 0 SNAT tcp -- * * 10.1.1.0/24 192.168.60.100 tcp dpt:26 to:10.1.1.20
where 10.1.1.20 is my internal network.
If this will not work, can you please post me a short overview about your network configuration?
This would be great!
(could you please use code tags for output, this is easier to read
)karesmakro
- karesmakro
- Posts: 331
- Joined: 09 Dec 2009 21:17
- Location: Regensburg
Re: proxsmtp service not showing as ON or OFF
by xsys2001 » 09 Mar 2010 22:30
Kare - your file worked 100%. Thanks for all your help with this, and thanks for such a fine product!
Sean
Sean
- xsys2001
- Posts: 11
- Joined: 02 Mar 2010 21:08
13 posts
• Page 2 of 2 • 1, 2
Return to English Copfilter Support
Who is online
Users browsing this forum: No registered users and 2 guests