Firewall Report

As you can see from my logs, auth is not getting through my
firewall, this is slowing my mail connections down.
the rule I have is
ACCEPT net $FW tcp 113.
What else do I need to allow this rule through the firewall
Regards
Chet
Automated Firewall Packet Log Report
Date Chain Rule Action Qty Ext. Address Int. Address Ext Protocol Int Protocol
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34365/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34375/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34424/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34447/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34450/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 195.182.163.125 (dunno) 34459/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34463/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34490/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34517/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34523/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34546/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34576/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34604/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34610/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34611/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34614/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34616/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34654/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34661/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.51.113 (dunno) 34704/tcp auth chetnet.co.uk
May 09 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34720/tcp auth chetnet.co.uk
May 09 net2all 0 DROP 3 <- 202.104.147.185 213.107.50.52 (eth0) 1915/tcp printer nszx104.147.szptt.net.cn
May 09 net2all 0 DROP 1 <- 203.155.60.194 213.107.50.52 (eth0) 4383/tcp sunrpc
May 09 net2all 0 DROP 1 <- 216.23.254.98 213.107.50.52 (eth0) 1301/tcp ftp
May 09 net2all 0 DROP 2 <- 217.84.31.24 213.107.50.52 (eth0) 62318/tcp 6346/tcp pD9541F18.dip.t-dialin.net
May 09 net2all 0 DROP 2 <- 61.34.16.130 213.107.50.52 (eth0) 1303/tcp domain
May 09 net2all 0 DROP 5 <- 203.95.214.167 213.107.50.52 (eth0) 1803/udp 27015/udp n167.n203-95-214.eranet.net
May 09 net2all 0 DROP 3 <- 210.244.73.157 213.107.50.52 (eth0) 2625/udp 27016/udp
May 09 net2all 0 DROP 2 <- 210.244.73.157 213.107.50.52 (eth0) 2626/udp 27015/udp
May 10 all2all 0 REJECT 1 <- 213.107.50.52 213.107.52.239 (dunno) 34821/tcp auth chetnet.co.uk

On Fri, 10 May 2002, chet wrote:

> Firewall Report
>
> As you can see from my logs, auth is not getting through my firewall,
> this is slowing my mail connections down.
>
> the rule I have is
>
> ACCEPT net $FW tcp 113.
>
> What else do I need to allow this rule through the firewall
>

Tell us a bit more about your configuration -- are you using static NAT perhaps?

-Tom

PS - When sending log output, please use "shorewall show log" when possible. Thanks.
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net

> -----Original Message-----
> From: chet
> Sent: Friday, May 10, 2002 8:55 AM
> To: shorewall-users@shorewall.net
> Subject: [Shorewall-users] Auth
>
>
> As you can see from my logs, auth is not getting through my firewall,
> this is slowing my mail connections down.
>
> the rule I have is
>
> ACCEPT net $FW tcp 113.
>
> What else do I need to allow this rule through the firewall

If you're using sendmail as your MTA you can also shutdown sendmail issuing an auth request by adding the following to your sendmail.mc file.

define(`confTO_IDENT',`0s')dnl

then recreate your sendmail.cf file by issuing...

m4 sendmail.mc >sendmail.cf

Now restart sendmail using the new sendmail.cf file

Steve Cowles

On Fri, 10 May 2002, Cowles, Steve wrote:

>
> If you're using sendmail as your MTA you can also shutdown sendmail issuing
> an auth request by adding the following to your sendmail.mc file.
>
> define(`confTO_IDENT',`0s')dnl
>
> then recreate your sendmail.cf file by issuing...
>
> m4 sendmail.mc >sendmail.cf
>
> Now restart sendmail using the new sendmail.cf file
>

Hmmm -- then there's some confusion about which direction auth is being rejected. If it is Chet's MTA (which can't be Postfix since it doesn't use auth) that is generating the auth request, then Chet needs:

ACCEPT z net tcp a

where 'z' is as in the prior post (or he needs to disable auth per Steve's instructions).

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
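
An added example, not part of any post in this thread: a Python script that rejoins the wrapped records of a packet log report like the one in the first message and tallies the rejected auth entries by chain and address pair, which is the information needed to settle which direction is being rejected. The sample records are constructed (documentation addresses and host names), and the field names are assumed from the report's header line.

```python
import re
from collections import Counter

START = re.compile(r"^[A-Z][a-z]{2} \d{2} ")   # a record begins with e.g. "May 09 "
RECORD = re.compile(
    r"^(?P<date>\w{3} \d{2}) (?P<chain>\S+) (?P<rule>\d+) (?P<action>[A-Z]+) "
    r"(?P<qty>\d+) <- (?P<ext_addr>\S+) (?P<int_addr>\S+) \((?P<iface>[^)]*)\) "
    r"(?P<ext_proto>\S+) (?P<int_proto>\S+)(?: (?P<host>\S+))?$")

# Constructed sample in the wrapped layout of the report in this thread; the
# addresses are documentation ranges, not the poster's.
SAMPLE = """\
Date Chain Rule Action Qty Ext. Address Int. Address Ext Protocol Int
Protocol
May 09 all2all 0 REJECT 1 <- 192.0.2.10 198.51.100.7 (dunno)
34365/tcp auth
fw.example.net
May 09 all2all 0 REJECT 1 <- 192.0.2.10 198.51.100.9 (dunno)
34375/tcp auth
fw.example.net
May 09 net2all 0 DROP 1 <- 203.0.113.6 192.0.2.10 (eth0) 4383/tcp
sunrpc
May 10 all2all 0 REJECT 1 <- 192.0.2.10 198.51.100.7 (dunno)
34821/tcp auth
fw.example.net
"""

def join_wrapped(text):
    """Rejoin records that the mailer wrapped over two or three lines."""
    records = []
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if START.match(line) or not records:
            records.append(line)          # new record (or the header line)
        else:
            records[-1] += " " + line     # continuation of the previous one
    return records

def tally(records, service="auth"):
    """Sum Qty per (chain, action, ext_addr, int_addr) for one service."""
    counts = Counter()
    for rec in records:
        m = RECORD.match(rec)
        if m and m["int_proto"] == service:   # header and other services skipped
            key = (m["chain"], m["action"], m["ext_addr"], m["int_addr"])
            counts[key] += int(m["qty"])
    return counts

if __name__ == "__main__":
    for key, qty in tally(join_wrapped(SAMPLE)).most_common():
        print(qty, *key)
```

The chain column of the result shows which policy chain logged each auth reject, to be compared against the zone pair named in the ACCEPT rule.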