ramvi

a guest
Aug 18th, 2011
I'm unable to get IPTABLES to forward port 143. When I connect directly: "telnet 192.168.1.7 143", it works. If I telnet through my firewall: "telnet 192.168.1.1", I get "Unable to connect to remote host".

I'm sure it's not forwarded because on ...7 "tcpdump -i any tcp port 143 -n" doesn't report anything. Is it possible to see what I'm doing wrong?

# This is the IPTABLES on my firewall with INET address 77.40.215.18
root@kanin:~# iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
bad_packets all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:81
ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:3142
ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:143
DROP all -- 0.0.0.0/0 224.0.0.1
ACCEPT all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 192.168.1.255
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
tcp_inbound tcp -- 0.0.0.0/0 0.0.0.0/0
udp_inbound udp -- 0.0.0.0/0 0.0.0.0/0
icmp_packets icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:631 dpt:631
DROP all -- 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `INPUT packet died: '

Chain FORWARD (policy DROP)
target prot opt source destination
bad_packets all -- 0.0.0.0/0 0.0.0.0/0
tcp_outbound tcp -- 0.0.0.0/0 0.0.0.0/0
udp_outbound udp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:2222
ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 192.168.1.7 tcp dpt:143
ACCEPT tcp -- 69.41.163.31 192.168.1.7 tcp dpt:22389
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `FORWARD packet died: '
ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:2222
ACCEPT tcp -- 0.0.0.0/0 192.168.1.7 tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:443
ACCEPT tcp -- 69.41.163.31 192.168.1.7 tcp dpt:22389
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `FORWARD packet died: '

Chain OUTPUT (policy DROP)
target prot opt source destination
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 state INVALID
ACCEPT all -- 127.0.0.1 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 192.168.1.1 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `OUTPUT packet died: '

Chain bad_packets (2 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 0 level 4 prefix `Illegal source: '
DROP all -- 192.168.1.0/24 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 0 level 4 prefix `Invalid packet: '
DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
bad_tcp_packets tcp -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain bad_tcp_packets (1 references)
target prot opt source destination
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW LOG flags 0 level 4 prefix `New not syn: '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 LOG flags 0 level 4 prefix `Stealth scan: '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F LOG flags 0 level 4 prefix `Stealth scan: '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 LOG flags 0 level 4 prefix `Stealth scan: '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37 LOG flags 0 level 4 prefix `Stealth scan: '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 LOG flags 0 level 4 prefix `Stealth scan: '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 LOG flags 0 level 4 prefix `Stealth scan: '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0

Chain icmp_packets (1 references)
target prot opt source destination
LOG icmp -f 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `ICMP Fragment: '
DROP icmp -f 0.0.0.0/0 0.0.0.0/0
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
RETURN icmp -- 0.0.0.0/0 0.0.0.0/0

Chain tcp_inbound (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0

Chain tcp_outbound (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0

Chain udp_inbound (1 references)
target prot opt source destination
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138
RETURN udp -- 0.0.0.0/0 0.0.0.0/0

Chain udp_outbound (1 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0
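
`iptables -L -n` without `-t` lists only the filter table, so the output above cannot show whether the nat table holds the DNAT rule that a port forward also needs. The following is an added example, not part of the original paste: it checks an `iptables-save` dump for both halves of a forward. The two sample dumps are constructed, and `eth0` is an assumed interface name.

```shell
#!/bin/sh
# Added example. Sample rules are constructed; eth0 is an assumed interface name.

# iptables-save style dump: filter FORWARD accepts the traffic, nat has no DNAT.
sample_missing_dnat() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 192.168.1.7/32 -p tcp -m tcp --dport 143 -j ACCEPT
COMMIT
EOF
}

# Same dump with the DNAT rule present in nat PREROUTING.
sample_with_dnat() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -d 77.40.215.18/32 -p tcp -m tcp --dport 143 -j DNAT --to-destination 192.168.1.7:143
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 192.168.1.7/32 -p tcp -m tcp --dport 143 -j ACCEPT
COMMIT
EOF
}

# check_forward PORT DEST: reads iptables-save text on stdin, prints what is
# missing for a TCP port forward, exits 0 only if both halves are present.
# Only exact host rules (-d DEST/32) are recognised in FORWARD.
check_forward() {
  awk -v port="$1" -v dest="$2" '
    /^\*/ { table = substr($0, 2); next }
    { line = $0 " " }
    table == "nat" && /^-A PREROUTING / && / -j DNAT / &&
      index(line, "--dport " port " ") &&
      (index(line, "--to-destination " dest ":") ||
       index(line, "--to-destination " dest " ")) { dnat = 1 }
    table == "filter" && /^-A FORWARD / && / -j ACCEPT/ &&
      index(line, "-d " dest "/32 ") &&
      index(line, "--dport " port " ") { fwd = 1 }
    END {
      if (!dnat) print "missing: nat PREROUTING DNAT to " dest " for tcp/" port
      if (!fwd)  print "missing: filter FORWARD ACCEPT to " dest " for tcp/" port
      exit ((dnat && fwd) ? 0 : 1)
    }'
}
```

On the firewall itself this would be run as `iptables-save | check_forward 143 192.168.1.7`; `sysctl net.ipv4.ip_forward` must also report 1 for any forwarding to take place.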