[blfs-support] iptables again
lfs65 at cruziero.com
Mon Mar 17 05:55:23 PDT 2014
> Date: Mon, 17 Mar 2014 10:19:32 +0000
> From: Richard Melville <richard.melville69 at googlemail.com>
> To: blfs-support at linuxfromscratch.org
> Subject: Re: [blfs-support] iptables again
> > Richard Melville wrote:
> > > Maybe somebody has the answer to this -- it's only a minor point.
> > >
> > > I've set up msmtp and s-nail on a blfs server; I can send email, and
> > > iptables is not blocking them but neither is it recording the packets
> > > passed. When I had this issue before with a different service, changing
> > > sport to dport resolved it, but not this time. I've set the ports to 25
> > > and I've also tried 587. Both work, but still no packets recorded.
> > What commands are you trying to run?
> > -- Bruce
> I'm sending mail to a colleague via my gmail address with:-
> cat test.mail | msmtp -a gmail colleague at company.co.uk
> where "gmail" is the name of my account in the .msmtprc file.
> As I say, the mail delivery works fine with my colleague receiving the
> mail, and I get a copy in my gmail sent items. However, iptables -nvL
> shows "0" in both the pkts and the bytes columns, as if nothing has been
> sent. A minor point I know, but all my other traffic (ntp, http, dns, ssh)
> is recorded by iptables in those two columns.
Are you wanting to show incoming or outgoing traffic, or both, or what?
Does your firewall log the traffic for the relevant port numbers and for the relevant table (~== traffic-flow direction)?
Depending on what table you're wanting to see stats for, you might need to use the '-t' flag for iptables to show the stats for the relevant table. You might also find the '--line-numbers' flag useful - e.g. for debugging. (And fwiw, I'd normally use the '-x' flag too).
If the above don't resolve it, then probably good idea to post your firewall file, plus the literal stats command line (if different from the 'iptables -nvL' posted above).
More information about the blfs-support