(E-Mail Removed) writes:
>I want to open the port no 110 i.e. POP3 port so that I can download my
>mails from outside.
It depends on what interface your machine is using to talk to the outside
world (e.g., ethernet or a ppp interface). It would be helpful if you could
explain how your network is set up - and also to be a little less ambiguous
about what you want to do. I will assume you mean you want to retrieve mail
from your own box, from an external network.
In my case, my net connection is via an ethernet card, so my iptables rules
look something like this (mostly ripped from the Netfilter HOWTO):
iptables -N block # Create a new chain
iptables -A INPUT -j block # Apply block chain to INPUT packets
iptables -A FORWARD -j block # Apply block chain to FORWARD packets
# Next line allows replies to connections originating from inside
iptables -A block -m state --state RELATED,ESTABLISHED -j ACCEPT
# Allow new connections on all interfaces except our external ethernet
iptables -A block -m state --state NEW ! -i eth0 -j ACCEPT
# Allow ssh from anywhere
iptables -A block -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A block -j DROP # Drop everything else
In your case, you'd need to add this line for POP:
iptables -A block -p tcp -m tcp --dport 110 -j ACCEPT
Paul.
--
Paul Dwerryhouse | PGP Key ID:
(not in) Melbourne, Australia | 0x6B91B584
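
Added example, not part of the original post: iptables walks a chain in order, so the POP3 ACCEPT rule only takes effect if it sits before the final DROP in the block chain. The function below (its name, and both constructed listings in `iptables -S block` format, are assumptions of this example) checks that ordering.

```shell
#!/bin/sh
# Added example; both listings are constructed, in `iptables -S block` format.

good_rules() {   # POP3 rule sits before the catch-all DROP
cat <<'EOF'
-N block
-A block -m state --state RELATED,ESTABLISHED -j ACCEPT
-A block ! -i eth0 -m state --state NEW -j ACCEPT
-A block -p tcp -m tcp --dport 22 -j ACCEPT
-A block -p tcp -m tcp --dport 110 -j ACCEPT
-A block -j DROP
EOF
}

bad_rules() {    # POP3 rule appended after DROP, so it is never reached
cat <<'EOF'
-N block
-A block -m state --state RELATED,ESTABLISHED -j ACCEPT
-A block ! -i eth0 -m state --state NEW -j ACCEPT
-A block -p tcp -m tcp --dport 22 -j ACCEPT
-A block -j DROP
-A block -p tcp -m tcp --dport 110 -j ACCEPT
EOF
}

# accept_reachable CHAIN PORT  (reads a rule listing on stdin)
# Returns 0 if a tcp ACCEPT for --dport PORT appears before the first
# unconditional DROP/REJECT in CHAIN, 1 otherwise. Other matches on the
# rule (source address, interface, port ranges) are not evaluated.
accept_reachable() {
    awk -v chain="$1" -v port="$2" '
        $1 != "-A" || $2 != chain { next }
        # "-A chain -j TARGET" with no match options catches every packet
        NF == 4 && $3 == "-j" && ($4 == "DROP" || $4 == "REJECT") { exit }
        {
            tcp = 0; dport = 0; accept = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-p" && $(i+1) == "tcp") tcp = 1
                if ($i == "--dport" && $(i+1) == port && $(i-1) != "!") dport = 1
                if ($i == "-j" && $(i+1) == "ACCEPT") accept = 1
            }
            if (tcp && dport && accept) { found = 1; exit }
        }
        END { exit(found ? 0 : 1) }
    '
}

good_rules | accept_reachable block 110 && echo "good listing: port 110 reachable"
bad_rules  | accept_reachable block 110 || echo "bad listing: port 110 shadowed by DROP"
```

On a live system the listing would come from `iptables -S block` (run as root) piped into `accept_reachable block 110`.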