iptables host/network 'isp.mail.server' not found

Post by Don Lo » Wed, 19 Jun 2002 04:10:17



I've set up a small network with 2 subnets: LAN and DMZ. The LAN and DMZ are
connected by a rh7.1 running an iptables *firewall. The rc.firewall
script is based on Ziegler's chpt 6 *firewall script. When I run the
rc.firewall script I get several errors that I'm hoping someone can help me
with. Here's a look at those errors:

iptables v1.2.1a: host/network `smtpx.xxxx.xx' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.1a: host/network `smtpx.xxxx.xx' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.1a: host/network `mail.yyyy.com' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.1a: host/network `mail.yyyy.com' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.1a: host/network `news.cis.dfn.de' not found
Try `iptables -h' or 'iptables --help' for more information.
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `1024:65535'

Here's the section that some of these errors refer to:

# Sending Mail to the Mail Gateway Server (TCP Port 25)

iptables -A FORWARD -i $LAN_INTERFACE -o $DMZ_INTERFACE -p tcp \
         -s $LAN_ADDRESSES --sport $UNPRIVPORTS \
         -d $SMTP_SERVER --dport 25 \
         -m state --state NEW -j ACCEPT

iptables -A OUTPUT -o $DMZ_INTERFACE -p tcp \
         -s $DMZ_IPADDR --sport $UNPRIVPORTS \
         -d $SMTP_SERVER --dport 25 \
         -m state --state NEW -j ACCEPT

###############################################################

# Retrieving Mail as a POP Client (TCP Port 110)

iptables -A FORWARD -i $LAN_INTERFACE -o $DMZ_INTERFACE -p tcp \
         -s $LAN_ADDRESSES --sport $UNPRIVPORTS \
         -d $POP_SERVER --dport 110 \
         -m state --state NEW -j ACCEPT

iptables -A OUTPUT -o $DMZ_INTERFACE -p tcp \
         -s $DMZ_IPADDR --sport $UNPRIVPORTS \
         -d $POP_SERVER --dport 110 \
         -m state --state NEW -j ACCEPT

I'm not sure why the script rejects these rules, while others like HTTP
access aren't an error. Note DNS info is prior to these rules.

--
Thanks,

Mark

 
 
 

Post by Joerg Morbitze » Wed, 19 Jun 2002 21:02:28



> I've set up a small network with 2 subnets: LAN and DMZ. The LAN and DMZ are
> connected by a rh7.1 running an iptables *firewall. The rc.firewall
> script is based on Ziegler's chpt 6 *firewall script. When I run the
> rc.firewall script I get several errors that I'm hoping someone can help me
> with. Here's a look at those errors:

> iptables v1.2.1a: host/network `smtpx.xxxx.xx' not found
> Try `iptables -h' or 'iptables --help' for more information.
> iptables v1.2.1a: host/network `smtpx.xxxx.xx' not found
> Try `iptables -h' or 'iptables --help' for more information.
> iptables v1.2.1a: host/network `mail.yyyy.com' not found
> Try `iptables -h' or 'iptables --help' for more information.
> iptables v1.2.1a: host/network `mail.yyyy.com' not found
> Try `iptables -h' or 'iptables --help' for more information.
> iptables v1.2.1a: host/network `news.cis.dfn.de' not found
> Try `iptables -h' or 'iptables --help' for more information.
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `1024:65535'

It looks like your PC cannot resolve the hostnames to their addresses!
Can you "ping" these hosts before running your script?
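
The resolution test suggested in the reply above, automated as a pre-flight check for the script's address variables. This is an added example, not part of the thread or of Ziegler's script: the function names (resolve_name, is_ipv4, check_addr, preflight) are hypothetical, and the default resolver assumes glibc's getent is installed.

```shell
#!/bin/sh
# Added example: pre-flight check for the address variables of an rc.firewall.
# iptables looks a hostname up once, when the rule is inserted, so each name
# must resolve at that moment or the rule is rejected with "not found".

# Resolver hook (assumption: glibc getent is available). Prints one IPv4
# address for a name; non-zero status when the lookup fails.
resolve_name() {
    getent ahostsv4 "$1" 2>/dev/null |
        awk 'NR == 1 { print $1; ok = 1 } END { exit !ok }'
}

# True for a dotted quad with an optional /0-32 prefix length.
is_ipv4() {
    case "$1" in */*) pfx=${1#*/} ;; *) pfx=32 ;; esac
    addr=${1%%/*}
    case "$pfx" in '' | *[!0-9]*) return 1 ;; esac
    case "$addr" in '' | *[!0-9.]* | *.) return 1 ;; esac
    [ "$pfx" -le 32 ] 2>/dev/null || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# check_addr NAME VALUE: prints the address to put in the rule.
# Returns 1 for an empty value, 2 for a hostname that does not resolve.
check_addr() {
    name=$1 value=$2
    if [ -z "$value" ]; then
        echo "$name is empty; unquoted, it would vanish from the command" >&2
        return 1
    fi
    if is_ipv4 "$value"; then echo "$value"; return 0; fi
    ip=$(resolve_name "$value") || {
        echo "$name: cannot resolve '$value'" >&2; return 2; }
    echo "$ip"
}

# preflight NAME=value ...: returns the number of unusable variables.
preflight() {
    bad=0
    for pair in "$@"; do
        check_addr "${pair%%=*}" "${pair#*=}" >/dev/null || bad=$((bad + 1))
    done
    return "$bad"
}
```

Calling preflight "SMTP_SERVER=$SMTP_SERVER" "POP_SERVER=$POP_SERVER" || exit 1 at the top of the script, before any rule or policy is changed, stops a failed lookup from leaving a half-loaded rule set.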

 
 
 

1. Term Error:'host not found' or server failed

        Summary of what I have done with term (version 2.3.5)
        =====================================================

        (1) I compiled the source code in a sub-directory in my home directory:

                ./configure --user
                make install

            The compilation was done with no errors.

        (2) I ran linecheck (on remote and on my local machine) and included
            the information from log files in termrc at both ends. There were no
            errors generated when linecheck was running across both ends.

        (3) I logged into my remote and ran term:

                term -r

        (4) I escaped back to my local machine (Linux) and suspended my Kermit
            comm program (^Z).

        (5) I ran term on my Linux (local machine):

                term -v/dev/modem

          ( I used -r term at the other end)

          Term responds with the message:

Term version: 2.3.5
Reading file:  /home/lcvaz/.term/termrc
: gethostbyname: vaz: Non-authoritative `host not found', or server failed

        In the above message, "vaz" is the name of my host machine.

        Term appears to have frozen (nothing happens).

        Then I tried to install "share installnet" with the command:

vaz:~/newterm/term-2.3.5$ make share installnet

        Here's the partial script, omitting all the other parts that had no
        problems while installing.

if [ ! -d /home/lcvaz/bin ] ; then mkdir /home/lcvaz/bin; else true; fi
cd /home/lcvaz/bin; rm -f tdownload tudpredir tmon tshutdown trdated tupload tredir txconn trdate; true
cd /home/lcvaz/bin; for i in term trsh linecheck  tdownload tudpredir tmon tshutdown trdated tupload tredir txconn trdate; do \
        if [ -f $i ]; then mv $i $i.old ; fi ; \
done; true  

        .
        .
        .

if [ ! -d /home/lcvaz/term ] ; then mkdir /home/lcvaz/term; else true; fi
echo "# This file activates full term networking" > /home/lcvaz/term/termnet
if [ ! -f /home/lcvaz/term/hosts.term ] ; then \
        echo 127.0.0.254 remotehost > /etc/hosts.term ; \
fi ; true
sh: /etc/hosts.term: Permission denied

        Does this mean that "make share installnet" should be done from
        root only?

        Any suggestions as to what could be done next?

        Louis Vaz
--
Louis C. Vaz
