Author Topic: Cannot Block Port 25  (Read 15464 times)
artilheiro.mz
« on: Thursday 20 September 2012, 06:33:38 pm »

Hello

This is my first experience with EFW.
My mailserver public IP is currently being listed on a lot of anti-spam blocklists,
and when I searched for the motives, it seems that all of the PCs of my network could communicate outside using port 25.
I then forgot the most common rule to apply to a firewall: block all ports and only open outgoing ports for what you need.

So then I opened the most common ports I used, and specified that my mailserver IP communicated to port 25,
and created a rule on the bottom of the priority list to block all other outgoing ports from my network to the internet.

The thing is, I can still telnet from my network PC to some other company's SMTP.

I even tried adding a rule after the outgoing port 25 on my server, saying that all outgoing connections to port 25 are rejected,
but it still isn't "working".

What am I doing wrong?

Please see attached image of the outgoing configuration of the firewall.
I'm using EFW 2.5 community.

imageshack.us/a/img818/5158/efwoutgoing.jpg

Many thanks in advance
Logged
fqureshi
« Reply #1 on: Thursday 20 September 2012, 06:43:10 pm »

Add the rule and then turn off the outgoing firewall or restart the firewall. What I have experienced just today is that after creating an outgoing rule you have to restart the firewall or disable and enable the outgoing firewall, otherwise it is not applied to the running rules.
Logged
artilheiro.mz
« Reply #2 on: Thursday 20 September 2012, 07:00:47 pm »

I've now added this rule in red

imageshack.us/a/img62/1429/efwoutgoing2.jpg

and rebooted the firewall.
I can still telnet from my PC to another SMTP.

But shouldn't the rule marked in blue also be blocking everything else not listed?

What might I be doing wrong?
Logged
endianupdate
« Reply #3 on: Friday 21 September 2012, 12:49:32 am »

You do not need rules 6 or 15 in your image as anything not specifically allowed will be denied automatically by the Endian firewall.

To troubleshoot what is happening start from the beginning;

Disable all outbound firewall rules and apply, turn on 'Log accepted outgoing connections' on Firewall > Outgoing Traffic screen (also check outgoing firewall is enabled)

Now open the firewall log, Logs > Firewall Live Log

Try to telnet to an external SMTP server and check the firewall logs, you should see an entry like;
FORWARD:DROP TCP (br0) ,<pc ip>:55198 -> <server ip>:25 (eth3)

Now start enabling your outgoing firewall rules ONE at a time and try connecting to the external SMTP after every change, this will allow you to see which rule is allowing your outbound SMTP connection.

Hope this helps.
Logged
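
The log check described in Reply #3, as an added example that is not part of the original thread or of Endian's own tooling: it parses entries in the shape quoted there and lists internal hosts, other than the mail server, whose connections to port 25 were not blocked. The sample log lines, all IP addresses and the `ACCEPT` action label are constructed assumptions; only the `FORWARD:DROP` form appears in the thread.

```python
import re
from collections import defaultdict

# Shape of the live-log entry quoted in Reply #3:
#   FORWARD:DROP TCP (br0) ,<pc ip>:55198 -> <server ip>:25 (eth3)
ENTRY = re.compile(
    r"(?P<chain>[A-Z_]+):(?P<action>[A-Z]+)\s+(?P<proto>\S+)\s+"
    r"\((?P<in_if>[^)]*)\)\s*,\s*(?P<src>[\d.]+):\d+\s*->\s*"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+\((?P<out_if>[^)]*)\)"
)
# Any other action label is counted as "allowed" (assumption: the exact
# label used for accepted connections is not shown in the thread).
BLOCKING_ACTIONS = {"DROP", "REJECT"}

def smtp_attempts(log_text, port=25):
    """Count allowed/blocked TCP connections to `port` per source IP."""
    counts = defaultdict(lambda: {"allowed": 0, "blocked": 0})
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m or m["proto"].upper() != "TCP" or int(m["dport"]) != port:
            continue  # unparseable line, or not traffic to the watched port
        key = "blocked" if m["action"] in BLOCKING_ACTIONS else "allowed"
        counts[m["src"]][key] += 1
    return dict(counts)

def leaking_hosts(log_text, mail_server_ip, port=25):
    """Sources other than the mail server that got through to `port`."""
    return sorted(
        src for src, c in smtp_attempts(log_text, port).items()
        if c["allowed"] and src != mail_server_ip
    )

# Constructed sample log (not taken from the thread).
SAMPLE_LOG = """\
FORWARD:DROP TCP (br0) ,192.168.0.23:55198 -> 203.0.113.5:25 (eth3)
FORWARD:ACCEPT TCP (br0) ,192.168.0.10:40112 -> 203.0.113.5:25 (eth3)
FORWARD:ACCEPT TCP (br0) ,192.168.0.41:51877 -> 198.51.100.7:25 (eth3)
FORWARD:ACCEPT TCP (br0) ,192.168.0.41:51880 -> 198.51.100.7:80 (eth3)
FORWARD:DROP TCP (br0) ,192.168.0.23:55201 -> 198.51.100.7:25 (eth3)
this line does not match the entry format
"""

if __name__ == "__main__":
    for host in leaking_hosts(SAMPLE_LOG, mail_server_ip="192.168.0.10"):
        print("port 25 still open for", host)
```

Hosts that show only blocked attempts are also worth a look, since a workstation repeatedly trying to reach external SMTP servers is a likely source of the spam that got the public IP listed.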
artilheiro.mz
« Reply #4 on: Thursday 27 September 2012, 08:11:09 pm »

Well, I now tried deleting every rule there, and started adding each one from scratch.

Problem solved.

Here is how it is done at the moment

imageshack.us/a/img189/9015/efwoutgoing3.jpg

It's working now

Thank you all
Logged