Unable to connect from home IP on ports 587/995, flushing iptables fixes the issue, but only temporarily

Linode Staff

I am having issues connecting to my mail server over ports 587/995 from my home computer. When attempting to do so, I receive the error:

telnet mail.tiger.my 587
Trying FFFF:FFFF::FFFF:FFFF:FFFF:FFFF...
Trying x.x.x.x...
telnet: Unable to connect to remote host: Connection refused

Flushing my iptables rules will fix the problem, but only temporarily. I wasn't having this problem before, and I haven't made any recent changes manually. Even when I searched for an iptables rule with my home IP I couldn't find any.

I don't want to constantly flush my iptables, because they are part of my server's security, and fail2ban adds banned IPs to the iptables to prevent them from hacking my server. How can I determine what is causing this issue and fix it?

1 Reply

Hi there,

It sounds like some process may be automatically applying rules to those ports rather than the IP specifically. I found this askubuntu thread that gives some advice on tracing the source of scripts that make these types of changes.

Typically, scripts that save or load iptables rules are located in /etc/init.d. Assuming they use the normal iptables commands, you could search for any scripts with a recursive grep, such as:

grep -R iptables-restore /etc/init.d/

grep -R iptables-save /etc/init.d/

If this produces any results, you can then trace the script to a package using dpkg:

dpkg-query -S file-name-result-of-grep

If the single-package-name terse output from dpkg isn't descriptive enough, you can run apt-cache show package-name on the name of the package provided by dpkg.
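The reply above suggests the rule may match the ports rather than the home IP. As an added example (not part of the original post or of any Linode tooling), this filter reads `iptables-save` output and lists every rule that names a given destination port, including multiport lists and ranges; the function names `rules_for_ports` and `sample_ruleset` and the sample ruleset are constructed for illustration.

```shell
# Added example: find rules in iptables-save output that name given ports.
# Live use (as root): iptables-save | rules_for_ports 587 995
rules_for_ports() {
    awk -v want="$*" '
    BEGIN { n = split(want, ports, " ") }
    /^\*/ { table = substr($0, 2); next }    # "*filter" opens a table section
    /^-A / {
        hit = 0
        for (i = 3; i < NF; i++) {
            # --dport takes a port or lo:hi range, --dports a comma list
            if ($i != "--dport" && $i != "--dports" &&
                $i != "--destination-port" && $i != "--destination-ports") continue
            m = split($(i + 1), specs, ",")
            for (s = 1; s <= m; s++) {
                lo = hi = specs[s]
                if (split(specs[s], r, ":") == 2) { lo = r[1]; hi = r[2] }
                for (p = 1; p <= n; p++)
                    if (ports[p] + 0 >= lo + 0 && ports[p] + 0 <= hi + 0) hit = 1
            }
        }
        # Negated matches (! --dport) are reported too: they still name the port
        if (hit) print table ": " $0
    }'
}

# Constructed sample in iptables-save format (not taken from the poster's server)
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:f2b-postfix - [0:0]
-A INPUT -p tcp -m multiport --dports 25,465,587 -j f2b-postfix
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 990:999 -j REJECT --reject-with icmp-port-unreachable
-A f2b-postfix -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-postfix -j RETURN
COMMIT
EOF
}

sample_ruleset | rules_for_ports 587 995
```

A reported rule that jumps to another chain (here `-j f2b-postfix`) means the verdict is decided in that chain, so its rules are the next thing to read.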
