- 论坛徽章:
- 0
|
如题,用iptable做了端口限制操作
#!/bin/sh
#
/sbin/modprobe ipt_MASQUERADE
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp
/sbin/iptables -F
/sbin/iptables -t nat -F
/sbin/iptables -X
/sbin/iptables -t nat -X
/sbin/iptables -t mangle -F
###########################INPUT键#########################
/sbin/iptables -P INPUT DROP
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m multiport --dports 110,80,81,25,22,4555,3310 -j ACCEPT
就发现james的 mailet-2008-03-03-16-16.log 的日志有错误如下:
03/03/08 16:23:02 INFO James.Mailet: ClamAVScan: Exception caught calling CLAMD on localhost/127.0.0.1: Connection timed out
java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:519)
at java.net.Socket.connect(Socket.java:469)
at java.net.Socket.<init>(Socket.java:366)
at java.net.Socket.<init>(Socket.java:20
at org.apache.james.transport.mailets.ClamAVScan.service(ClamAVScan.java:609)
at org.apache.james.transport.LinearProcessor.service(LinearProcessor.java:424)
at org.apache.james.transport.JamesSpoolManager.process(JamesSpoolManager.java:405)
at org.apache.james.transport.JamesSpoolManager.run(JamesSpoolManager.java:309)
at java.lang.Thread.run(Thread.java:619)
如果把iptables那些去掉后,就不会出问题,可以拒绝病毒邮件。
请求帮助,谢谢。
[ 本帖最后由 zuxi_sui 于 2008-3-3 16:41 编辑 ] |
|
免费注册
发表于 2008-03-03 16:39
