i'm using dachstein 1.0.2 on a home network firewall. everything seems
hunky dory:
network cards are both recognized and configured correctly
masquerading works on the internal machines
everyone can ping everyone, both inside and out.
the last hurdle is port forwarding -- it looks ok, but isn't working
(i'm not receiving mail, and i can't telnet to the smtp port from a
remote machine). note that the internal server that handles mail, ftp
and apache is satan.diablo.net (192.168.0.2). the firewall is
mephisto.diablo.net (eth0: 64.164.47.8 eth1: 192.168.0.1).
modules:
ip_masq_user 3708 0 (unused)
ip_masq_portfw 2416 4
ip_masq_ftp 3576 0 (unused)
ip_masq_mfw 3196 0 (unused)
ip_masq_autofw 2476 0 (unused)
rtl8139 10856 1
tulip 32424 1
pci-scan 2300 0 [rtl8139 tulip]
isofs 17692 0
ide-cd 22672 0
cdrom 26712 0 [ide-cd]
forwarded ports:
# ipmasqadm portfw -l
prot localaddr rediraddr lport rport pcnt pref
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet 24 ssh 10 10
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet smtp smtp 10 10
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet www www 10 10
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet ftp ftp 10 10
here are the relevent variables i've set. i'm wondering what the
difference between them is. they look to do the same thing to me:
INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.0.2_ftp
tcp_${EXTERN_IP}_smtp_192.168.0.2_smtp"
# These lines use the primary external IP address...if you need to
# port-forward
# an aliased IP address, use the INTERN_SERVERS setting above
INTERN_FTP_SERVER=192.168.0.2 # Internal FTP server to make available
INTERN_WWW_SERVER=192.168.0.2 # Internal WWW server to make available
INTERN_SMTP_SERVER=192.168.0.2 # Internal SMTP server to make available
#INTERN_POP3_SERVER=192.168.0.2 # Internal POP3 server to make available
#INTERN_IMAP_SERVER=192.168.0.2 # Internal IMAP server to make available
INTERN_SSH_SERVER=192.168.0.2 # Internal SSH server to make available
EXTERN_SSH_PORT=24 # External port to use for internal SSH
i'm looking at this, and i can't see anything that's wrong. the output
of ipmasqadm looks compelling. it LOOKS like it should be working.
help! any advice? what exactly is the difference between
INTERN_SERVERS and INTER_.*_SERVER? i'm not too sure what an
"aliased IP address" is. does that refer to a masqueraded ip address
(like 192.168.0.2)?
any help greatly appreciated. i've been staring at this for far too
long. :)
pete
--
PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
PGP Public Key: finger [EMAIL PROTECTED]
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
