OpenVZ Forum


Home » International » Russian » Проблема с 25 портом - как открить? (На Debian 5.0 с OpenVZ установленном по howtoforge "OpenVZ on Debian Lenny" HN непропускает 25 порт на VN)
Проблема с 25 портом - как открить? [message #39366] Sat, 10 April 2010 09:52 Go to next message
Dreamland69 is currently offline  Dreamland69
Messages: 3
Registered: July 2008
Location: Laatvia
Junior Member
From: 77.38.218*
На Debian 5.0 с OpenVZ установленном по howtoforge "OpenVZ on Debian Lenny" HN непропускает 25 порт на VN. Если телнетитса с HN,то smtp на VH отвечает, если с внешной ип - не привета ни ответа. Все остальные порты пропускается (80, 22). Где копать, чтобы открить 25 порт (пророутить)?

01. Routing rules
On HN: ip rule list
0: from all lookup local
32766: from all lookup main
32767: from all lookup default

ip route list table all

85.xxx.99.215 dev venet0 scope link
85.xxx.99.216 dev venet0 scope link
85.xxx.99.217 dev venet0 scope link
85.xxx.99.128/25 dev eth0 proto kernel scope link src 85.xxx.99.214
default via 85.xxx.99.129 dev eth0
broadcast 85.xxx.99.128 dev eth0 table local proto kernel scope link src 85.xxx.99.214
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
local 85.xxx.99.214 dev eth0 table local proto kernel scope host src 85.xxx.99.214
broadcast 85.xxx.99.255 dev eth0 table local proto kernel scope link src 85.xxx.99.214
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
unreachable default dev lo table unspec proto none metric -1 error -101 hoplimit 255
local ::1 via :: dev lo table local proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
local fe80::226:18ff:fecd:e83d via :: dev lo table local proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
ff00::/8 dev eth0 table local metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
unreachable default dev lo table unspec proto none metric -1 error -101 hoplimit 255

On VH: ip rule list
-bash: ip: command not found

02. Netfilter configuration
On HN:
iptables -t nat -L && iptables -t filter -L && iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
On VH:
iptables -t nat -L && iptables -t filter -L && iptables -t mangle -L
iptables v1.3.6: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

[Updated on: Sat, 10 April 2010 11:58]

Report message to a moderator

Re: Проблема с 25 портом - как открить? [message #39368 is a reply to message #39366] Sun, 11 April 2010 09:08 Go to previous messageGo to next message
RXL_ is currently offline  RXL_
Messages: 147
Registered: July 2009
Location: Moscow/Russia
Senior Member
From: *static.corbina.ru
Проверьте VE:
iptables -L -nvx --line-numbers




... мы преодолеваем эту трудность без синтеза распределенных прототипов. (с) Жуков М.С.
Re: Проблема с 25 портом - как открить? [message #39370 is a reply to message #39368] Sun, 11 April 2010 09:33 Go to previous messageGo to next message
Dreamland69 is currently offline  Dreamland69
Messages: 3
Registered: July 2008
Location: Laatvia
Junior Member
From: 77.38.218*
VE:
iptables -L -nvx --line-numbers
Chain INPUT (policy ACCEPT 6760 packets, 631035 bytes)
num pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 6318 packets, 884385 bytes)
num pkts bytes target prot opt in out source destination
Re: Проблема с 25 портом - как открить? [message #39371 is a reply to message #39370] Sun, 11 April 2010 10:42 Go to previous message
RXL_ is currently offline  RXL_
Messages: 147
Registered: July 2009
Location: Moscow/Russia
Senior Member
From: *static.corbina.ru
Еще возможный препон - selinux - отключите или перепишите правила.

... мы преодолеваем эту трудность без синтеза распределенных прототипов. (с) Жуков М.С.
Previous Topic: DHCP/PXE в контейнере?
Next Topic: AF_NETLINK - Connection refused
Goto Forum:
  


Current Time: Thu Oct 19 10:59:49 GMT 2017