[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4688: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4690: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4691: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4692: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
FREESCO Support • View topic - Opening inbound port 25?

Opening inbound port 25?

Support section for FREESCO v0.4.x

Opening inbound port 25?

Postby Island » Wed Nov 28, 2012 3:14 pm

Happily running v044 for some time, as an Ethernet router. Exim package working fine for outbound mail, serving all clients on LAN-side, and delivering outbound mail across internet. Now trying to set up inbound SMTP from WAN gateway, but first testing from a WAN-side host on same subnet.

LAN side is 192.168.0/24, WAN side is 192.168.11/24, report.txt is attached.

Using telnet on a linux host on same WAN-side subnet (ie, not from across the internet, just locally on the FREESCO WAN-side subnet), with command:

telnet 192.168.11.92 25

Telnet responds with 'connection refused'. No ping response, either.

It 'seems' to me that the FREESCO internal firewall may be blocking port 25. I thought I'd overlooked a setting or something, and I've gone through 'setup' but cannot see anywhere where I can 'open' port 25 on the FREESCO box. I'd like to open 'ping' (ICMP?), too, but didn't see that, either.

I must be doing something really silly - because I've got Exim working (inbound) on another FREESCO so I know it works and I know I must have known how to set it up. But I just can't see what I'm doing wrong.

One thing I noticed in the report text is that the WAN-side network card is reporting no errors, but an enormous number of 'dropped' packets. I thought that was strange. I wondered what the 'dropped packet' count meant in the context of zero errors. I don't think this is the cause of port 25 packets being blocked though, because the in-built webserver is also open (on 8445) and pointing the test-machine's browser to

http://192.168.11.92:8445

brings up the standard 'FREESCO's Web Page'. So inbound, in general, is ok; just port 25 seems to fail.

Any ideas welcome. I think I'll try to set up more detail of firewall logging, to see if port 25 traffic is being seen, or rejected.

Regards, Island
You do not have the required permissions to view the files attached to this post.
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: Opening inbound port 25?

Postby Island » Wed Nov 28, 2012 5:06 pm

Update:

Recently, someone asked about opening ports, generally, in this posting:

viewtopic.php?f=40&t=17562

Lewis advised that most ports were open, and that the firewall should be set in 's' mode. I've done that, now, and been able to specifically enable 'ping's.

Ping works from WAN-side. But telnet to port 25 still says 'connection refused'.

Exim logs show Exim starting, and listening on port 25. Exim delivers LAN-side email, using port 25 from various Mail Clients on LAN machines. Hence my feeling that the 'port 25' packets are going somewhere, but not reaching Exim. To test this, I stopped the firewall completely - setting it into 'n' mode.

Exim responded to WAN-side queries. Port 25 is gettng through, if the firewall is disabled. Exim also responds (unsurprisingly) to contact from across the internet. But, the firewall is off; not a happy position to be in.

I think I should be able to have the firewall on, and still receive port 25 traffic from the WAN, though. I wonder how I could trace why things go wrong when the FW is active?

regards, Island
User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: Opening inbound port 25?

Postby Lightning » Thu Nov 29, 2012 12:55 am

Be aware that every package that you install comes with it's own set of firewall rules included for the ports that it uses and by default everything is blocked from the wan side for security. If you go into the setup package menu you will see where you can disable the firewall rules for rc_exim. The same holds true for teapop if you want to access mail from the wan side. Once you have completed this and saved the setup just use

rc_masq restart

A reboot is not required.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: Opening inbound port 25?

Postby Island » Thu Nov 29, 2012 1:16 pm

User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm

Re: Opening inbound port 25?

Postby Lightning » Thu Nov 29, 2012 4:02 pm

RST on the firewall in the control panel is exactly the same. I just assumed that if you just ran the setup from the console it was easier to run the console command.

On a side note, if you are running exim. I STRONGLY recommend installing the "emailblock" package. This package blocks email hackers who will try and use brute force names and passwords to gain access to your system. I used to get hundreds of logs a week from failed attempts and after creating this package I get one a week or two. Also be aware that the package is extremely effective even if you only block them for an hour. This allows legitimate users who don't remember there password access after the time is reached.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: Opening inbound port 25?

Postby Island » Fri Nov 30, 2012 2:23 pm

User avatar
Island
Junior Advanced Member
 
Posts: 117
Joined: Sat Jan 22, 2005 12:48 pm


Return to FREESCO Support for v0.4.x

Who is online

Users browsing this forum: No registered users and 2 guests

cron