Hi, Port 25 (SMTP) should also be allowed (confirmation mail, ... ) .
Best Regards Ed -------- Original-Nachricht -------- > Datum: Fri, 3 Aug 2012 10:06:55 +0200 > Von: Jakub Skory <k...@ukw.edu.pl> > An: openmeetings-user@incubator.apache.org > Betreff: Re: Runs internally on VPS but not internet > On Thu, Aug 02, 2012 at 04:10:59PM +0100, Graham Mcleish wrote: > > I must confess that I have only turned off the firewall completely at > > this point to get it working as I have never had to open any ports on > > Ubuntu before! I'll away and turn it back on and try and figure out how > > to open the specific ports. > Read 'iptables' manual (man iptables) :) > > For example something like this: > # remove all previous entrys > iptables -F > iptables -X > > iptables -N TCP > iptables -N UDP > > # default policy > iptables -P FORWARD DROP > iptables -P OUTPUT ACCEPT > iptables -P INPUT DROP > > # allow loopback > iptables -A INPUT -i lo -j ACCEPT > > # allow to connect FROM your ubuntu > iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT > iptables -A INPUT -p udp -m conntrack --ctstate NEW -j UDP > iptables -A INPUT -p tcp --syn -m conntrack --ctstate NEW -j TCP > > # disallow invalid > iptables -A INPUT -m conntrack --ctstate INVALID -j DROP > > # allow ping echo requests > iptables -A INPUT -p icmp --icmp-type 8 -m conntrack --ctstate NEW -j > ACCEPT > > # set reject policy > iptables -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable > iptables -A INPUT -p tcp -j REJECT --reject-with tcp-rst > iptables -A INPUT -j REJECT --reject-with icmp-proto-unreachable > > # allow specified ports (22 is ssh), remember to change -i eth0 to your > # interface > for port in 22 5080 8443 1935 8088; do > iptables -A TCP -p tcp -m state --state NEW --dport $port -i eth0 -j > ACCEPT > done > > I did not tested it, but should work. Hope it will help! > -- > Jakub Skory, <kuba(at)ukw(dot)edu(dot)pl> > System Operator > IT Center: > _______________________________________________________________________ > tel: +48 52 3257 649, +48 52 3257 647 > fax: +48 52 3257 646, +48 52 3257 647 > working hours: 08a.m. - 04p.m. > mail: di(at)ukw(dot)edu(dot)pl > web: http://di.ukw.edu.pl/ > postal address: M. Kopernika 1 (room 8/9), 85-074, Bydgoszcz. > _______________________________________________________________________ > Kazimierz Wielki University, > J. K. Chodkiewicza 30, > 85-064, Bydgoszcz, Poland. > _______________________________________________________________________
