FIAIF blocks local postfix

Anders Peter Fugmann email hidden
Wed Mar 26 16:54:26 CET 2008 

Sebastian Feldmann wrote:
> Hi,
> 
> first of all, thanks for your help and your patience.
No problem.
> 
> here are the main config settings of my "zone.ext" file
> 
> NAME=EXT
> DEV=eth0
> DYNAMIC=0
> GLOBAL=1
> 
> ## Network information. Nessesary only if DYNAMIC=0
> IP=85.10.199.34
> MASK=255.255.255.224
> NET=85.10.199.34/255.255.255.224
> BCAST=85.10.199.63
> 
> INPUT[0]="ACCEPT tcp smtp,www,https,ssh 0.0.0.0/0=>0.0.0.0/0"
> INPUT[1]="ACCEPT icmp echo-request 0.0.0.0/0=>0.0.0.0/0"
> INPUT[2]="DROP ALL 0.0.0.0/0=>0.0.0.0/0"
> 
> OUTPUT[0]="ACCEPT ALL 0.0.0.0/0=>0.0.0.0/0"
All seems to be in order here.

Could you supply the output of /sbin/lsmod as well as /sbin/route?

Also send privately the output from /etc/init.d/fiaif test, and
/tmp/fiaif.out (generated by the command).

Regards
Anders Fugmann

> 
> 
> ifconfig prints out the following
> 
> eth0      Protokoll:Ethernet  Hardware Adresse 00:11:09:D6:12:57
>           inet Adresse:85.10.199.34  Bcast:85.10.199.63  Maske:255.255.255.224
>           inet6 Adresse: fe80::211:9ff:fed6:1257/64 Gültigkeitsbereich:Verbindung
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:24112 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:16938 errors:0 dropped:0 overruns:0 carrier:0
>           Kollisionen:0 Sendewarteschlangenlänge:1000
>           RX bytes:3953578 (3.7 MiB)  TX bytes:3580029 (3.4 MiB)
>           Interrupt:161 Basisadresse:0xe500
> 
> A "ping mailserv.regfish.com"
> returns the following
> PING mailserv.regfish.com (79.140.49.126) 56(84) bytes of data.
> ping: sendmsg: Operation not permitted
> 
> In the logfile the same LOG-MSG appears
> 
> Mar 26 16:00:26 hannibal [FIAIF_MARTIAN]: IN= OUT=eth0 MAC= SRC=85.10.199.34 DST=79.140.49.126 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=3
> DF PROTO=ICMP TYPE=8 CODE=0 I
> 
> 
> regards
> Sebastian
>
Regards
Anders Fugmann

P.s.
There seems to be something wrong with your email client - It prepends
'AW' rather than 'Re' (abbreviation of the Latin word 'res' which is
mandated by the RFC.

More information about the fiaif mailing list