I'm too silly for the firewall :-(

ThomasH

Jun 4, 2019
Hi there...

I am not a firewall-guru, can handle IPTABLES a little bit (as long as rules are not too complicated). I know how firewalls are working and that rules should have a special sequence and that a set should end with a "DROP" (if I am still wrong here, pls let me know).

I am using ISP-Config on my mailserver, which contains except ISP-Config via https on port 8080 no other Webpages.

I made a ruleset (see attachment) named "mailserver" and set it in the firewall-rules for the mailserver-vm.

When retrieving emails with Thunderbird it takes looooong time until I receive the new mails or until a mail is sent. If I switch off the firewall it just takes a few seconds and the communication mailclient <-> mailserver has been done.

I am using IMAPS (993), SMTP (25) and SMTPS (465), SSL-communication. Sometimes I need SSH (22). I followed the recommendation of ISP-Config and opened the ports as recommended, without the ports that I definitely know I don't need.

Following "Rule 1" (the error is always sitting 50 cm in front of CPU) I am SURE! I am too silly to handle a Proxmox-Firewall... :(

I've read several documents, the manual... seems what I need is a function example to understand... :(

Can anyone help?

THANKS A LOT... and sorry for my silliness...

Thomas
 

Attachments

  • firewall-rule-set.jpg
I am not a firewall-guru, can handle IPTABLES a little bit (as long as rules are not too complicated). I know how firewalls are working and that rules should have a special sequence and that a set should end with a "DROP" (if I am still wrong here, pls let me know).

Not necessarily - if you use "DROP" as policy (which is the default), all that is not explicitly allowed is DROPped.

I am using ISP-Config on my mailserver, which contains except ISP-Config via https on port 8080 no other Webpages.



I made a ruleset (see attachment) named "mailserver" and set it in the firewall-rules for the mailserver-vm.

When retrieving emails with Thunderbird it takes looooong time until I receive the new mails or until a mail is sent. If I switch off the firewall it just takes a few seconds and the communication mailclient <-> mailserver has been done.

I am using IMAPS (993), SMTP (25) and SMTPS (465), SSL-communication. Sometimes I need SSH (22). I followed the recommendation of ISP-Config and opened the ports as recommended, without the ports that I definitely know I don't need.


For analysis it has to be verified whether any other port is used too. Apart from this: specifying the rule is only one step; another one is to assign these rules (which are defined as a "security group") to the VM which contains the mailserver.

A comprehensive overview of the firewall settings can be seen by reading the files in /etc/pve/firewall
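
The check suggested in the reply above (are other ports in use, and is the security group actually assigned to the VM?), as an added example that is not part of the thread or of Proxmox itself. The two files and the port list are constructed samples in the /etc/pve/firewall format; the function names are hypothetical, and macros, source/destination filters and interfaces are ignored.

```python
# Constructed sample of a cluster.fw that defines the security group.
CLUSTER_FW = """\
[group mailserver]
IN ACCEPT -p tcp -dport 25
IN ACCEPT -p tcp -dport 465
IN ACCEPT -p tcp -dport 993
IN ACCEPT -p tcp -dport 8080
"""
# Constructed sample of the VM's <vmid>.fw, which must reference the group.
VM_FW = """\
[OPTIONS]
enable: 1
policy_in: DROP
[RULES]
GROUP mailserver
IN ACCEPT -p tcp -dport 22
"""
# Constructed: (proto, port) pairs the server listens on, e.g. read from `ss -tuln` inside the VM.
LISTENING = [("tcp", 22), ("tcp", 25), ("tcp", 465), ("tcp", 587), ("tcp", 993), ("udp", 53)]

def sections(text):
    """Split a .fw file into {lowercased section header: [rule/option lines]}."""
    out, cur = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            cur = line[1:-1].lower()
            out[cur] = []
        elif line and not line.startswith("#") and cur is not None:
            out[cur].append(line)
    return out

def allowed_in(rules, groups):
    """Return (proto, low, high) ranges accepted inbound, expanding GROUP references."""
    acc = set()
    for rule in rules:
        tok = rule.split()
        if tok[0] == "GROUP":
            acc |= allowed_in(groups.get("group " + tok[1].lower(), []), groups)
        elif tok[:2] == ["IN", "ACCEPT"] and "-p" in tok and "-dport" in tok:
            proto = tok[tok.index("-p") + 1]
            for part in tok[tok.index("-dport") + 1].split(","):  # "25,465" or "6000:6010"
                lo, _, hi = part.partition(":")
                acc.add((proto, int(lo), int(hi or lo)))
    return acc

def blocked(listening, vm_fw, cluster_fw):
    """List listening (proto, port) pairs that no inbound ACCEPT rule of the VM covers."""
    acc = allowed_in(sections(vm_fw).get("rules", []), sections(cluster_fw))
    return [(p, n) for p, n in listening if not any(p == q and lo <= n <= hi for q, lo, hi in acc)]

print(blocked(LISTENING, VM_FW, CLUSTER_FW))
```

If the `GROUP mailserver` line is missing from the VM file, every port defined only in the group shows up as blocked, which is the "defined but not assigned" case the reply describes.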
 
Hi,

sorry for the delay, I had to solve some other problems... :)

Following a great tip on stackexchange seems to solve my problem.

by using

Code:
nmap -p 1-65535 <my public ip>

I was able to find all open ports. Then I configured the firewall, adding all open ports (prot: tcp/udp, destPort: xy), and it functions well. But using the macros seems not to function well... why ever... :cool:

Thanks a lot
 