Firewall woes - ports to be used

Antony Stone Antony at SOFT-SOLUTIONS.CO.UK
Thu Dec 11 11:26:57 GMT 2003


On Thursday 11 December 2003 11:14 am, Michele Neylon :: Blacknight Solutions
wrote:

> After installing a new firewall we seem to have run into a number of issues
> regarding required ports.
> Can anybody help/advise?
> We are using:
> MailScanner
> with SA, Razor, Pyzor, DCC and the RBLs (of course)

Presumably you mean that the firewall is blocking traffic because appropriate
rules haven't been added, and therefore some of the above are not able to
work?

If you can't easily find out what protocols/ports the above services use, the
best way to solve the problem is to put a Log rule at the end of your
firewall rules, just before the default Drop of all other packets (I'm using
netfilter terminology here, but the same principle applies to any packet
filtering firewall), and then look at what gets logged when one of the
services fails. The log entry will tell you what protocol and port you need
to add a rule for, and once you've done that enough times that nothing gets
logged, you will be allowing exactly what you need to.

Regards,

Antony.

--
If the human brain were so simple that we could understand it,
we'd be so simple that we couldn't.

                                                     Please reply to the list;
                                                           please don't CC me.
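
The log-then-allow approach described in the reply above, as an added example that is not part of the original post: a script that summarises which protocol/port pairs the final LOG rule caught. The `FW-DROP: ` prefix, the FORWARD chain, the function names and the sample log lines are all assumptions constructed for illustration.

```shell
#!/bin/sh
# The LOG rule goes last, just before the final DROP. Chain name and prefix
# are assumptions; the commands need root and are shown for reference only:
#   iptables -A FORWARD -j LOG --log-prefix "FW-DROP: "
#   iptables -A FORWARD -j DROP

# Constructed sample of the resulting syslog lines (plus one unrelated line).
sample_log() {
cat <<'EOF'
Dec 11 11:20:01 fw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4211 DF PROTO=TCP SPT=34567 DPT=2703 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 11 11:20:04 fw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4212 DF PROTO=TCP SPT=34567 DPT=2703 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 11 11:20:10 fw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4213 DF PROTO=TCP SPT=34567 DPT=2703 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 11 11:20:12 fw sshd[811]: Accepted publickey for admin from 192.0.2.50 port 40122 ssh2
Dec 11 11:21:30 fw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.20 LEN=68 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1027 DPT=6277 LEN=48
Dec 11 11:21:45 fw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.20 LEN=68 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1027 DPT=6277 LEN=48
Dec 11 11:22:05 fw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.30 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1030 DPT=24441 LEN=40
Dec 11 11:23:11 fw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=5120 SEQ=1
EOF
}

# Read syslog on stdin and print "count proto dport" for every logged
# protocol/port pair carrying the given prefix, most frequent first.
# Protocols without ports (e.g. ICMP) are reported with "-" as the port.
summarize_drops() {
    prefix=${1:-FW-DROP: }
    awk -v prefix="$prefix" '
        index($0, prefix) == 0 { next }      # skip lines from other sources
        {
            proto = ""; dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^PROTO=/)    proto = substr($i, 7)
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (proto != "") seen[proto " " dpt]++
        }
        END { for (k in seen) print seen[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3n
}

sample_log | summarize_drops
```

Each output row is one candidate allow rule; check the destination in the matching log lines before adding it, since the same LOG rule also records traffic that should stay blocked.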


