0002389: a lot of forward:drop entries when using POP3-Proxy - MantisBT

ID: 0002389
Project: Endian Firewall
Category: Other Services
View Status: public
Date Submitted: 2009-11-07 15:22
Last Update: 2010-09-23 15:26
Reporter: bodo olschewski
Priority: normal
Severity: minor
Reproducibility: always
Status: acknowledged
Resolution: open
Product Version: 2.3

Description:
Hello,

I have a lot of forward:DROP entries in the firewall protocol like this:
FORWARD:DROP TCP (br1) <int. mailserver>:xxxx -> <ext. mailserver>:110 (eth3)

An outgoing rule for tcp 110 for the int. mailserver to red is active.
Without pop3-proxy everything looks correct, but after activating pop3-proxy, I get a lot of drop entries in firewall protocol - but emails still arrive.

Is there a way to stop these forward:drop entries in the firewall protocol? (so that I can see real problems more easily ...)

By the way: Endian 2.3 looks very nice!
No tags attached.
Issue History
2009-11-07 15:22 | bodo olschewski | New Issue
2009-11-25 15:08 | peter-endian | Note Added: 0003383
2009-11-25 15:08 | peter-endian | Status: new => feedback
2009-11-27 15:49 | bodo olschewski | Note Added: 0003428
2010-09-23 15:26 | peter-endian | Status: feedback => acknowledged

Notes
(0003383) peter-endian, 2009-11-25 15:08
Do you have a mailserver which fetches mails from an external pop server?

Not sure why you have pop3 connections in forward at all. The pop3 proxy transparently intercepts those connections, so you should not have any pop3 connections anymore.
Are you sure the connections go through pop3-proxy?

(0003428) bodo olschewski, 2009-11-27 15:49
Hello,

I use hMailer on orange (with pop3 proxy on orange) to load emails from external pop3 accounts on various external servers. (The server has two LANs, but only the orange LAN has a gateway; also, the orange LAN address appears in the firewall list.)

Sometimes I do not get a single entry (for pop3 traffic) for 30 minutes or even longer (after restarting Endian or trying to change rules etc.), but lately after some hours it starts again.
So in one day I get 30-50 protocol pages full of such entries.

Receiving the emails still works all the time.