How can I tell which firewall I'm using?

P

paulbot75

Hi all,

I'm using freebsd 7.2 vanilla install

I'm a complete bsd newbie. I'm having trouble connecting to sendmail on anything but the local host. Sockstat -4 shows:

root sendmail ... 127.0.0.1:25

When I nmap from another host on the lan I don't see an entry for port 25 (I do see 110,143).

I'm assuming that a firewall is blocking the port. I understand that there are a variety of FreeBSD firewalls available. How do I tell what firewall I'm running?

Cheers,
 
Sendmail is only listening on the localhost interface lo0. You cannot access this interface from outside the host.
 
paulbot75 said:
When I nmap from another host on the lan I don't see an entry for port 25 (I do see 110,143).
Click to expand...

A nice tip: Use the following command on FreeBSD

Code: 
sockstat -46l

before running nmap from another host. It will give you a better idea of what could actually be found by nmap.
 
I've found the problem... but I have no idea how to fix it. The problem is that sendmail is crashing shortly after it starts:

Code: 
NOQUEUE: SYSERROR(root): opendaemonsocket: daemon IPv4 cannot bind: Address already in use

NOQUEUE: SYSERROR(root): opendaemonsocket: daemon server SMTP socket wedged: exiting

I know this is no longer a firewall issue... but any thoughts?
 
paulbot75 said:
I've found the problem... but I have no idea how to fix it. The problem is that sendmail is crashing shortly after it starts:

Code: 
NOQUEUE: SYSERROR(root): opendaemonsocket: daemon IPv4 cannot bind: Address already in use

NOQUEUE: SYSERROR(root): opendaemonsocket: daemon server SMTP socket wedged: exiting

I know this is no longer a firewall issue... but any thoughts?
Click to expand...

It doesn't crash. It complains there's already something that opened port 25.
 
*bump*

I know this might be old, but I don't feel ok just leaving inaccurate info online - kind of like when you see a crooked picture frame and fix it.

Sendmail is only listening on the localhost interface lo0. You cannot access this interface from outside the host.
Click to expand...

That is not 100% true if you have sshd running and allow port forwarding (in the daemon, not via sysctl).

On any remote host you could run ssh -L 127.0.0.2:25:127.0.0.1:25 user@remote.host

Then on any remote host you would direct all smtp traffic to 127.0.0.2:25 and it'd redirect to remote.host's lo0 IP. Please excuse my elementary drawing...

Code: 
      ooooooooooooooooooooooooooooooooooooo
      8                                .d88
      8  oooooooooooooooooooooooooooood8888
      8  8888888888888888888888888P"   8888    oooooooooooooooo
      8  8888888888888888888888P"      8888    8              8
      8  8888888888888888888P"         8888    8             d8
      8  8888888888888888P"            8888    8            d88
      8  8888888888888P"               8888    8           d888
      8  8888888888P"                  8888    8          d8888
      8  8888888P"                     8888    8         d88888
      8  8888P"                        8888    8        d888888
      8  8888oooooooooooooooooooooocgmm8888    8       d8888888
      8 .od88888888888888888888888888888888    8      d88888888
      8888888888888888888888888888888888888    8     d888888888
                                               8    d8888888888
         ooooooooooooooooooooooooooooooo       8   d88888888888
        d                       ...oood8b      8  d888888888888
       d              ...oood888888888888b     8 d8888888888888
      d     ...oood88888888888888888888888b    8d88888888888888
     dood8888888888888888888888888888888888b

  SENDMAIL HOST:  10.20.30.41
   SSHD SERVICE:  ENABLED / STARTED
POSTFIX SERVICE:  ENABLED / STARTED

CMD RUN ON YOUR
   OTHER SYSTEM:  ssh -L 127.0.0.2:25:127.0.0.1:25 noprivuser@10.20.30.41
  
 MAILER  CONFIG
ON OTHER SYSTEM:  smtp traffic should point to 127.0.0.2 port 25
 
You must log in or register to reply here.
Back
Top