Only thing I can think of is /etc/hosts.allow and /etc/hosts.deny file that the tcpd daemon uses for<br>additional security. Maybe there is a strict definition on which connections should go through.<br><br>Also why don't you use tcpdump to see what is going on in the incoming traffic on the machine. Maybe
<br>increase the log level of the kernel by<br><br>/sbin/sysctl -w net.ipv4.netfilter.ip_conntrack_log_invalid=1<br><br>to see what is dropped and why.<br><br>Filippos<br><br><div><span class="gmail_quote">On 4/21/06, <b class="gmail_sendername">
Debbie Deutsch</b> <<a href="mailto:fedoralist@ddeutsch.org">fedoralist@ddeutsch.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Perhaps someone can help me with this problem. I have sendmail running<br>on an FC5 system.* It works to the extent that I can send email from<br>that system to other systems in other domains. The problem is that<br>other systems cannot initiate a connection to it. Here are the key
<br>facts that I have been able to confirm:<br><br><br>- I previously edited the <a href="http://sendmail.mc">sendmail.mc</a> file to be sure it is listening on<br>port 25 and did a make to update <a href="http://sendmail.cf">
sendmail.cf</a>. Then I stopped and<br>restarted sendmail.<br><br>- Sendmail is definitely running.<br><br>- Both netstat and nmap confirm that the system *is* listening on port<br>25, as it should be.<br><br>- When I attempt to telnet to port 25 the connection fails. However,
<br>telnet definitely is running. I can telnet to the host without<br>specifying a port and successfully communicate with the telnet server.<br>On the other hand, when I try to telnet to port 23 (where netstat and<br>nmap confirm that the telnet server is listening), I get the same error
<br>as when I try to telnet to port 25. I have tried this from multiple<br>hosts on my LAN, all with the same results.<br><br>- In an effort to rule out firewalls as a possible source of the<br>problem, I disabled selinux completely and stopped iptables. (I did not
<br>see anything in iptables that should block port 25 but I wanted to be<br>sure it was not the source of the problem.)<br><br>- All of the above testing was done on my LAN. The traffic did not<br>traverse my hardware router/firewall. In any case, the firewall is
<br>configured to not block port 25. (I had sendmail running successfully<br>before, on an old system that finally went belly-up.)<br><br>- As noted above, I can successfully send mail that requires sendmail to<br>connect to another smtp server that is outside my LAN.
<br><br>All of this makes me think that there is some firewall-like thing going<br>on where outbound smtp connections are okay but smtp sessions that are<br>initiated by another host are not. The behavior with telnet connections
<br>only working if the port is not specified baffles me. With selinux and<br>iptables turned off, I am out of ideas. Any suggestions?<br><br>TIA,<br><br>Debbie<br><br>*32-bit FC5 running on a 64-bit system because 54-bit FC5 installs but
<br>won't boot completely. You may remember the recent thread...<br><br>--<br>fedora-list mailing list<br><a href="mailto:fedora-list@redhat.com">fedora-list@redhat.com</a><br>To unsubscribe: <a href="https://www.redhat.com/mailman/listinfo/fedora-list">
https://www.redhat.com/mailman/listinfo/fedora-list</a><br></blockquote></div><br>