urgent!! iptables problem. always not saved when restarted.

jacksony

Well-Known Member
PartnerNOC
Nov 30, 2005
Hi, I experience this problem.

Every time I try to send a mail through SMTP, I get "Connection refused" as shown below for whatever emails I try to send out. As a result, all mails are stuck in the "Mail queue", and these mails always give the error "Connection refused" when I try to deliver them.

"Message 1ExSdM-00015k-OU is not frozen
delivering 1ExSdM-00015k-OU
Connecting to gmail-smtp-in.l.google.com [72.14.205.27]:25 ... failed: Connection refused
LOG: MAIN
gmail-smtp-in.l.google.com [72.14.205.27]: Connection refused
Connecting to gsmtp83.google.com [66.249.83.27]:25 ... failed: Connection refused
LOG: MAIN
gsmtp83.google.com [66.249.83.27]: Connection refused
Connecting to gsmtp185-2.google.com [64.233.185.114]:25 ... failed: Connection refused
LOG: MAIN
gsmtp185-2.google.com [64.233.185.114]: Connection refused
Connecting to gsmtp185.google.com [64.233.185.27]:25 ... failed: Connection refused
LOG: MAIN
gsmtp185.google.com [64.233.185.27]: Connection refused
Connecting to gsmtp163.google.com [64.233.163.27]:25 ... failed: Connection refused
LOG: MAIN
gsmtp163.google.com [64.233.163.27]: Connection refused
LOG: MAIN
== [email protected] R=lookuphost T=remote_smtp defer (111): Connection refused
Return to Mail Queue"

I found out the root of the problem is with IPTABLES as it disables outgoing connections for smtp.

The Outgoing for IPTABLES --list shows this:
"Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere localhost tcp dpt:smtp
REJECT tcp -- anywhere anywhere tcp dpt:smtp reject-with icmp-port-unreachable
acctboth all -- anywhere anywhere"

I made a lot of requests for help and found the problem can be solved when I enter "iptables -F OUTPUT". I tried saving the new iptables rules, but iptables keeps returning to the original settings after every reboot.

I tried saving using iptables-save and also iptables-save>/etc/sysconfig/iptables, but when it restarted, I still needed to use -F OUTPUT to clear the settings that are blocking my outgoing emails.

Therefore the problem of connection refused keeps coming back with every reboot, preventing me from sending outbound mails and only allowing them after I run the command.

The problem is how can I make the changes to OUTPUT in iptables permanent so that with every reboot, the settings will not be affected and mails can be sent out?

Thank you very much for any help!

I am using Redhat 9.

Will appreciate any help to [email protected] . Thank you!
 

forlinuxsupport

Well-Known Member
PartnerNOC
Dec 22, 2004
cPanel Access Level
Root Administrator
Look in the start script for iptables (/etc/init.d/iptables).
In there it will tell you what file it's using for the rules on boot.

OR

just stop iptables starting at boot.
chkconfig --list (see if iptables is ON there)
chkconfig --levels 123456 iptables off (stops iptables starting at boot)

Once that's done, google iptables and find some good sites that show you how to use the firewall properly.
 

jacksony

Well-Known Member
PartnerNOC
Nov 30, 2005
Thank you for your reply. It shows this:

"#!/bin/sh
#
# iptables Start iptables firewall
#
# chkconfig: 2345 08 92
# description: Starts, stops and saves iptables firewall
#
# config: /etc/sysconfig/iptables
# config: /etc/sysconfig/iptables-config

# Source function library.
. /etc/init.d/functions

IPTABLES=iptables
IPTABLES_DATA=/etc/sysconfig/$IPTABLES
IPTABLES_CONFIG=/etc/sysconfig/${IPTABLES}-config
IPV=${IPTABLES%tables} # ip for ipv4 | ip6 for ipv6
PROC_IPTABLES_NAMES=/proc/net/${IPV}_tables_names
VAR_SUBSYS_IPTABLES=/var/lock/subsys/$IPTABLES"

From what I see, iptables is saved in /etc/sysconfig/iptables and I have saved the "flushed" iptables to it already, but it seems to be still loading with some filters for OUTPUT in iptables when the server is restarted. What could be wrong? :(
 

jacksony

Well-Known Member
PartnerNOC
Nov 30, 2005
I ran that check and it shows:
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Does it mean it is off or on? Thank you!
 

chirpy

Well-Known Member
Verified Vendor
Jun 15, 2002
Go on, have a guess
You're seeing that because you've enabled WHM > Tweak Security > SMTP Tweak, which does exactly what you're seeing. It blocks outgoing mail on port 25 from all except the mailnull and root users. It does that by using iptables rules. Disable that tweak and it'll go away.
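
The situation this thread arrives at, as an added example that is not part of any post: a port-25 REJECT rule that is present in the running ruleset but absent from the saved file is being re-added at runtime (here, by the SMTP Tweak) rather than restored from /etc/sysconfig/iptables. The function names and both sample rulesets are constructed; the running sample mirrors the OUTPUT listing in the first post.

```shell
#!/bin/sh
# Added example: work out where a port-25 OUTPUT block comes from.
# Both inputs are iptables-save format text. The samples are constructed.

SAVED_SAMPLE='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

RUNNING_SAMPLE='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:acctboth - [0:0]
-A OUTPUT -d 127.0.0.1 -p tcp -m tcp --dport 25 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -j acctboth
COMMIT'

# Read rules on stdin; print OUTPUT rules that REJECT or DROP TCP port 25.
# A REJECT with icmp-port-unreachable is what the MTA reports as
# "Connection refused".
smtp_block_rules() {
    grep -E '^-A OUTPUT ' |
    grep -E -- '-p tcp( |$)' |
    grep -E -- '--dport 25( |$)' |
    grep -E -- '-j (REJECT|DROP)( |$)'
}

# $1 = saved rules, $2 = running rules.
# Prints: clean | saved-file | runtime-only
diagnose_smtp_block() {
    saved_hits=$(printf '%s\n' "$1" | smtp_block_rules) || true
    running_hits=$(printf '%s\n' "$2" | smtp_block_rules) || true
    if [ -z "$running_hits" ]; then
        echo clean            # nothing is blocking outbound SMTP
    elif [ -n "$saved_hits" ]; then
        echo saved-file       # the init script restores the block at boot
    else
        echo runtime-only     # something else adds the block after boot
    fi
}

# On a live host (as root):
#   diagnose_smtp_block "$(cat /etc/sysconfig/iptables)" "$(iptables-save)"
diagnose_smtp_block "$SAVED_SAMPLE" "$RUNNING_SAMPLE"
```

A result of runtime-only means editing /etc/sysconfig/iptables or flushing OUTPUT will not persist, because the component that inserts the rule has to be reconfigured instead.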
 

jacksony

Well-Known Member
PartnerNOC
Nov 30, 2005
But if I disable that, won't it allow spammers to use my server to spam?