I have firewall rules to open ports, why does telnet refuse the connection?
Alright... this question comes from the fact that I'm trying to set up postfix to relay messages to Office 365 SMTP but it's giving me connection refused... I read that if you have doubts about whether your port is open or not you should telnet to it, so that's what I did.
This is a Red Hat 6.3 box.
My IP Table:
Code:
# Generated by iptables-save v1.4.7 on Fri Nov 16 14:20:30 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2755:248833]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 21 -m state --state NEW -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 20 -m state --state NEW -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 23 -j ACCEPT
-P OUTPUT ACCEPT
-A OUTPUT -m state --state NEW -p tcp --dport 587 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
Output of iptables -L -n:
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:21 state NEW
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:20 state NEW
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:23
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
My telnet attempts:
Code:
[root@isvahlrtk01 logs]# telnet isvahlrtk01 587
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying 10.X.X.X...
telnet: connect to address 10.X.X.X: Connection refused
[root@isvahlrtk01 logs]# telnet isvahlrtk01 25
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying 10.X.X.X...
telnet: connect to address 10.X.X.X: Connection refused
[root@isvahlrtk01 logs]# telnet isvahlrtk01 23
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying 10.X.X.X...
telnet: connect to address 10.X.X.X: Connection refused
[root@isvahlrtk01 logs]# telnet isvahlrtk01 22
Trying 127.0.0.1...
Connected to isvahlrtk01.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3
Even though I have rules for ports 587, 25, 23... why can I telnet successfully only on port 22?
Aren't I supposed to be able to telnet to all of them correctly since I have firewall rules?
Could it be that my company is blocking those ports in THEIR firewall?
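Added example (not part of the original post): telnet's error text already separates a local firewall rejection from a missing listener. The ruleset above rejects with icmp-host-prohibited, which a client reports as "No route to host", whereas "Connection refused" means the SYN passed the filter and nothing is bound to the port. The function names and the sample transcript are constructed for illustration, and IPv4 addresses are assumed.

```shell
#!/bin/sh
# Added example: map the connect() error printed by telnet to its likely cause
# on a host whose last INPUT rule is REJECT --reject-with icmp-host-prohibited.

classify_connect_error() {
    case "$1" in
        *"Connection refused"*)
            # TCP RST: the packet passed the filter and no process is bound
            # to the port (a tcp-reset or port-unreachable REJECT looks the
            # same, but this ruleset uses neither).
            echo "no-listener" ;;
        *"No route to host"*)
            # ICMP host-prohibited, which is what this ruleset's REJECT sends.
            echo "firewall-reject" ;;
        *"Connection timed out"*) echo "firewall-drop-or-unreachable" ;;
        *"Connected to"*)         echo "open" ;;
        *)                        echo "unknown" ;;
    esac
}

# Read a telnet transcript on stdin; print "<address> <diagnosis>" per attempt.
diagnose_transcript() {
    while IFS= read -r line; do
        case "$line" in
            "telnet: connect to address "*)
                addr=${line#telnet: connect to address }
                addr=${addr%%:*}
                echo "$addr $(classify_connect_error "$line")" ;;
        esac
    done
}

# Show listening TCP sockets for one port (ss if present, else netstat).
listeners_on_port() {
    if command -v ss >/dev/null 2>&1; then
        ss -tln | awk -v p=":$1" 'NR > 1 && $4 ~ p"$"'
    else
        netstat -tln | awk -v p=":$1" '$1 ~ /^tcp/ && $4 ~ p"$"'
    fi
}

# Constructed sample modelled on the transcript in the post.
SAMPLE='Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying 10.0.0.5...
telnet: connect to address 10.0.0.5: No route to host'

printf '%s\n' "$SAMPLE" | diagnose_transcript
```

Running `listeners_on_port 25` on the server itself shows whether any daemon is bound to the port; an empty result with a "no-listener" diagnosis points at the service, not the firewall.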