Do you have the corresponding ports *open* in the EXTERN_TCP_PORTS section? If
not, the forwarding rules are inside waiting for a bride that's locked out of
the church ;)
Also, since it looks like you have re-numbered your network from the default
(changed 192.168.1 to 192.168.0) you should have a stroll back thru your
configs, to make sure you have changed every instance of 192.168.1.
Dan
Quoting Peter Jay Salzman <[EMAIL PROTECTED]>:
> i'm using dachstein 1.0.2 on a home network firewall. everything
> seems
> hunky dory:
>
> network cards are both recognized and configured correctly
> masquerading works on the internal machines
> everyone can ping everyone, both inside and out.
>
> the last hurdle is port forwarding -- it looks ok, but isn't working
> (i'm not receiving mail, and i can't telnet to the smtp port from a
> remote machine). note that the internal server that handles mail, ftp
> and apache is satan.diablo.net (192.168.0.2). the firewall is
> mephisto.diablo.net (eth0: 64.164.47.8 eth1: 192.168.0.1).
>
> modules:
> ip_masq_user 3708 0 (unused)
> ip_masq_portfw 2416 4
> ip_masq_ftp 3576 0 (unused)
> ip_masq_mfw 3196 0 (unused)
> ip_masq_autofw 2476 0 (unused)
> rtl8139 10856 1
> tulip 32424 1
> pci-scan 2300 0 [rtl8139 tulip]
> isofs 17692 0
> ide-cd 22672 0
> cdrom 26712 0 [ide-cd]
>
> forwarded ports:
> # ipmasqadm portfw -l
> prot localaddr rediraddr lport rport pcnt
> pref
> TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet 24
> ssh 10 10
> TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet smtp
> smtp 10 10
> TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet www
> www 10 10
> TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net satan.diablo.localnet ftp
> ftp 10 10
>
> here are the relevent variables i've set. i'm wondering what the
> difference between them is. they look to do the same thing to me:
>
> INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.0.2_ftp
> tcp_${EXTERN_IP}_smtp_192.168.0.2_smtp"
>
> # These lines use the primary external IP address...if you need to
> # port-forward
> # an aliased IP address, use the INTERN_SERVERS setting above
> INTERN_FTP_SERVER=192.168.0.2 # Internal FTP server to make
> available
> INTERN_WWW_SERVER=192.168.0.2 # Internal WWW server to make
> available
> INTERN_SMTP_SERVER=192.168.0.2 # Internal SMTP server to make
> available
> #INTERN_POP3_SERVER=192.168.0.2 # Internal POP3 server to make
> available
> #INTERN_IMAP_SERVER=192.168.0.2 # Internal IMAP server to make
> available
> INTERN_SSH_SERVER=192.168.0.2 # Internal SSH server to make
> available
> EXTERN_SSH_PORT=24 # External port to use for internal
> SSH
>
> i'm looking at this, and i can't see anything that's wrong. the
> output
> of ipmasqadm looks compelling. it LOOKS like it should be working.
>
> help! any advice? what exactly is the difference between
> INTERN_SERVERS and INTER_.*_SERVER? i'm not too sure what an
> "aliased IP address" is. does that refer to a masqueraded ip address
> (like 192.168.0.2)?
>
> any help greatly appreciated. i've been staring at this for far too
> long. :)
>
> pete
>
> --
> PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
> PGP Public Key: finger [EMAIL PROTECTED]
>
> _______________________________________________
> Leaf-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/leaf-user
>
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
