[Firehol-support] What's Changed?
John Sullivan
john at benzo8.org
Fri Oct 12 09:04:27 BST 2007
Hi, I hope someone can help...

Overnight (it seems) my firehol configuration is blocking my IMAP connections *only* via GPRS...

I have not changed anything on my server - firehol.conf or anything relating to the IMAP server.

I can connect to IMAP from my laptop, but not now from my mobile phone. If I stop firehol, I can connect from my mobile.

I assume this is an IP thing, as the GPRS connection will be coming from a different IP - in fact, if I connect my mobile to the Internet via my home WiFi, I can connect to my IMAP.

Here is my firehol.conf:
#!/sbin/firehol
blacklist 62.204.35.105
server_gailssh_ports="tcp/40"
client_gailssh_ports="default"
server_ts2webmin_ports="tcp/14534"
client_ts2webmin_ports="default"
server_ts2_ennui_ports="udp/8767"
client_ts2_ennui_ports="default"
server_ts2_sal_ports="udp/8768"
client_ts2_sal_ports="default"
interface eth0 internet src not "${UNROUTABLE_IPS}"
# The default policy is DROP. You can be more polite with REJECT.
# Prefer to be polite on your own clients to prevent timeouts.
policy drop
# If you don't trust the clients behind eth0 (net not "${UNROUTABLE_IPS} 83.170.75.128/26"),
# add something like this.
# protection strong
# Here are the services listening on eth0.
# TODO: Normally, you will have to remove those not needed.
server ICMP accept
server daytime accept
# server gkrellmd accept
server http accept
server https accept
server ident accept
server imap accept
server imaps accept
server pop3 accept
server pop3s accept
server smtp accept
server ssh accept
server dns accept
# server time accept
# server gailssh accept
server ts2webmin accept
server ts2_ennui accept
# server ts2_sal accept
# The following eth0 server ports are not known by FireHOL:
# tcp/10001 tcp/3310 tcp/9 tcp/925 udp/10000 udp/32768 udp/517 udp/518 udp/9 udp/919 udp/922
# TODO: If you need any of them, you should define new services.
# (see Adding Services at the web site - http://firehol.sf.net).
# The following means that this machine can REQUEST anything via eth0.
# TODO: On production servers, avoid this and allow only the
# client services you really need.
client all accept
Here are a few entries from my syslog showing the blocking taking place:
Oct 12 09:03:00 space kernel: 'IN-unknown:'IN=eth0 OUT= MAC=00:0b:6a:f6:b2:d1:00:d0:02:95:74:00:08:00 SRC=77.210.81.30 DST=83.170.75.135 LEN=64 TOS=0x00 PREC=0x00 TTL=112 ID=4285 DF PROTO=TCP SPT=1307 DPT=993 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 09:03:03 space kernel: 'IN-unknown:'IN=eth0 OUT= MAC=00:0b:6a:f6:b2:d1:00:d0:02:95:74:00:08:00 SRC=77.210.81.30 DST=83.170.75.135 LEN=64 TOS=0x00 PREC=0x00 TTL=112 ID=4286 DF PROTO=TCP SPT=1307 DPT=993 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 09:03:09 space kernel: 'IN-unknown:'IN=eth0 OUT= MAC=00:0b:6a:f6:b2:d1:00:d0:02:95:74:00:08:00 SRC=77.210.81.30 DST=83.170.75.135 LEN=64 TOS=0x00 PREC=0x00 TTL=112 ID=4287 DF PROTO=TCP SPT=1307 DPT=993 WINDOW=65535 RES=0x00 SYN URGP=0
Does anyone have any ideas why this has suddenly stopped working, without me making any configuration changes whatsoever? More so - how can I get it working again?
Thanks in advance,
Me...
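An added diagnostic, not part of the original post: the dropped packets above carry FireHOL's `IN-unknown:` log prefix, which FireHOL applies to inbound traffic that matched none of the configured interface definitions, and the only interface in this firehol.conf is restricted with `src not "${UNROUTABLE_IPS}"`. The script below parses the kernel log lines as posted and checks whether the logged SRC falls inside a given list of excluded networks, so the exclusion list can be tested directly against the offending source. The excluded network lists and the server port set passed to `diagnose()` are constructed stand-ins for illustration; the real contents of `${UNROUTABLE_IPS}` are whatever the installed FireHOL version defines.

```python
import ipaddress
import re

# The three kernel log lines from the post, re-joined onto one line each (constructed sample input).
SAMPLE_LOG = """\
Oct 12 09:03:00 space kernel: 'IN-unknown:'IN=eth0 OUT= MAC=00:0b:6a:f6:b2:d1:00:d0:02:95:74:00:08:00 SRC=77.210.81.30 DST=83.170.75.135 LEN=64 TOS=0x00 PREC=0x00 TTL=112 ID=4285 DF PROTO=TCP SPT=1307 DPT=993 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 09:03:03 space kernel: 'IN-unknown:'IN=eth0 OUT= MAC=00:0b:6a:f6:b2:d1:00:d0:02:95:74:00:08:00 SRC=77.210.81.30 DST=83.170.75.135 LEN=64 TOS=0x00 PREC=0x00 TTL=112 ID=4286 DF PROTO=TCP SPT=1307 DPT=993 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 09:03:09 space kernel: 'IN-unknown:'IN=eth0 OUT= MAC=00:0b:6a:f6:b2:d1:00:d0:02:95:74:00:08:00 SRC=77.210.81.30 DST=83.170.75.135 LEN=64 TOS=0x00 PREC=0x00 TTL=112 ID=4287 DF PROTO=TCP SPT=1307 DPT=993 WINDOW=65535 RES=0x00 SYN URGP=0
"""

# FireHOL wraps its log prefix in single quotes; everything after it is netfilter KEY=VALUE fields.
PREFIX_RE = re.compile(r"kernel: '(?P<prefix>[^']*)'(?P<rest>.*)$")
KV_RE = re.compile(r"(\w+)=(\S*)")


def parse_netfilter_log(text):
    """Return one dict per netfilter log line with the fields needed for diagnosis."""
    records = []
    for line in text.splitlines():
        m = PREFIX_RE.search(line)
        if not m:
            continue  # not a netfilter log line
        fields = dict(KV_RE.findall(m.group("rest")))
        records.append({
            "prefix": m.group("prefix").rstrip(":"),
            "in": fields.get("IN", ""),
            "src": fields.get("SRC"),
            "dst": fields.get("DST"),
            "proto": fields.get("PROTO", "").lower(),
            "dpt": int(fields["DPT"]) if "DPT" in fields else None,
        })
    return records


def diagnose(record, interface_excluded_nets, server_ports):
    """Explain why a logged packet was dropped, in terms of the posted firehol.conf.

    interface_excluded_nets: networks the interface line excludes via `src not ...`
        (a constructed stand-in for ${UNROUTABLE_IPS}).
    server_ports: set of (proto, port) pairs accepted with `server ... accept`.
    """
    src = ipaddress.ip_address(record["src"])
    hit = next((n for n in map(ipaddress.ip_network, interface_excluded_nets) if src in n), None)
    if record["prefix"] == "IN-unknown":
        # IN-unknown: the packet matched no interface definition at all, so the
        # interface's own `src not` filter is the first thing to test.
        if hit is not None:
            return f"no interface matched: {src} is inside excluded network {hit}"
        return f"no interface matched, but {src} is outside the excluded list; check the interface definition"
    # Any other prefix means an interface matched and its policy dropped the packet.
    service = f"{record['proto']}/{record['dpt']}"
    if (record["proto"], record["dpt"]) in server_ports:
        return f"interface matched and {service} is an accepted service; the drop came from somewhere else"
    return f"interface matched but {service} has no server rule"


if __name__ == "__main__":
    # Constructed: the accepted services relevant to IMAP from the posted config.
    server_ports = {("tcp", 143), ("tcp", 993)}
    for rec in parse_netfilter_log(SAMPLE_LOG):
        print(rec["src"], "->", rec["dpt"],
              "|", diagnose(rec, ["10.0.0.0/8", "192.168.0.0/16"], server_ports))
```

To run it against a live system, replace `SAMPLE_LOG` with the relevant lines from syslog and pass the actual network list the interface excludes; a hit in that list explains an `IN-unknown` drop without any change to the server rules, while a miss points at the interface definition rather than at the IMAP service.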