Maybe u can help me out here...
I have the same problem as you had, whereas the Bride was inside waiting while
the groom stood outside behind the lockdoor..
I tried all options that u were told to try, but still my portforwarding is
giving problems......
can u probably be so kind as to send me a copy of your network.conf..
i'm using dachstein cd v1.02
here's my loaded modules:
ip_masq_autofw
ip_masq_ftp
ip_masq_icq
ip_masq_mfw
ip_masq_mms
ip_masq_portfw
ip_masq_pptp
ip_masq_raudio
ip_masq_user
ip_gre
This is where i think i open the door for the grooom:
# TCP services open to outside world
# Space seperated list: srcip/mask_dstport
EXTERN_TCP_PORTS="0/0_1723 0/0_smtp 0/0_pop-3"
And this is where i enable the portforwarding:
# <protocol>_<local-ip>_<local-port>_<remote-ip>_<remote-port>
#INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.1.1_ftp
tcp_${EXTERN_IP}_smtp_192.168.1.1_smtp"
# These lines use the primary external IP address...if you need to port-forward
# an aliased IP address, use the INTERN_SERVERS setting above
#INTERN_FTP_SERVER=192.168.1.1 # Internal FTP server to make available
#INTERN_WWW_SERVER=192.168.10.5 # Internal WWW server to make available
INTERN_SMTP_SERVER=192.168.10.1 # Internal SMTP server to make available
INTERN_POP3_SERVER=192.168.10.1 # Internal POP3 server to make available
#INTERN_IMAP_SERVER=192.168.1.1 # Internal IMAP server to make available
#INTERN_SSH_SERVER=192.168.1.1 # Internal SSH server to make available
#EXTERN_SSH_PORT=24 # External port to use for internal SSH access
when i send a test e-mail to my e-mail server behind the firewall, and i use
TCPDUMP to check, i can see the smtp packet arriving, but when i check the Mail
Server SMTP log, i see no incoming connections...
thnks for your help...
On Thu, 3 Jan 2002 00:25:26 -0800, Peter Jay Salzman wrote:
>dan, you hit the nail on the head. the bride was definitely locked
>out
>of the church.
>
>once the lock was opened, she came screaming down the isle, rushed
>the
>altar and now the deed is done. i'm running a fully operational
>dachstein cd firewall.
>
>thank you!
>
>pete
>
>begin [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>> Do you have the corresponding ports *open* in the EXTERN_TCP_PORTS
>>section? If
>> not, the forwarding rules are inside waiting for a bride that's
>>locked out of
>> the church ;)
>>
>> Also, since it looks like you have re-numbered your network from
>>the default
>> (changed 192.168.1 to 192.168.0) you should have a stroll back
>>thru your
>> configs, to make sure you have changed every instance of 192.168.1.
>>
>> Dan
>>
>> Quoting Peter Jay Salzman <[EMAIL PROTECTED]>:
>>
>> > i'm using dachstein 1.0.2 on a home network firewall. everything
>> > seems
>> > hunky dory:
>> >
>> > network cards are both recognized and configured correctly
>> > masquerading works on the internal machines
>> > everyone can ping everyone, both inside and out.
>> >
>> > the last hurdle is port forwarding -- it looks ok, but isn't
>>working
>> > (i'm not receiving mail, and i can't telnet to the smtp port
>>from a
>> > remote machine). note that the internal server that handles
>>mail, ftp
>> > and apache is satan.diablo.net (192.168.0.2). the firewall is
>> > mephisto.diablo.net (eth0: 64.164.47.8 eth1: 192.168.0.1).
>> >
>> > modules:
>> > ip_masq_user 3708 0 (unused)
>> > ip_masq_portfw 2416 4
>> > ip_masq_ftp 3576 0 (unused)
>> > ip_masq_mfw 3196 0 (unused)
>> > ip_masq_autofw 2476 0 (unused)
>> > rtl8139 10856 1
>> > tulip 32424 1
>> > pci-scan 2300 0 [rtl8139 tulip]
>> > isofs 17692 0
>> > ide-cd 22672 0
>> > cdrom 26712 0 [ide-cd]
>> >
>> > forwarded ports:
>> > # ipmasqadm portfw -l
>> > prot localaddr rediraddr lport
>>rport pcnt
>> > pref
>> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
>>satan.diablo.localnet 24
>> > ssh 10 10
>> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
>>satan.diablo.localnet smtp
>> > smtp 10 10
>> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
>>satan.diablo.localnet www
>> > www 10 10
>> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
>>satan.diablo.localnet ftp
>> > ftp 10 10
>> >
>> > here are the relevent variables i've set. i'm wondering what the
>> > difference between them is. they look to do the same thing to
>>me:
>> >
>> > INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.0.2_ftp
>> > tcp_${EXTERN_IP}_smtp_192.168.0.2_smtp"
>> >
>> > # These lines use the primary external IP address...if you
>>need to
>> > # port-forward
>> > # an aliased IP address, use the INTERN_SERVERS setting above
>> > INTERN_FTP_SERVER=192.168.0.2 # Internal FTP server to make
>> > available
>> > INTERN_WWW_SERVER=192.168.0.2 # Internal WWW server to make
>> > available
>> > INTERN_SMTP_SERVER=192.168.0.2 # Internal SMTP server to make
>> > available
>> > #INTERN_POP3_SERVER=192.168.0.2 # Internal POP3 server to make
>> > available
>> > #INTERN_IMAP_SERVER=192.168.0.2 # Internal IMAP server to make
>> > available
>> > INTERN_SSH_SERVER=192.168.0.2 # Internal SSH server to make
>> > available
>> > EXTERN_SSH_PORT=24 # External port to use for
>>internal
>> > SSH
>> >
>> > i'm looking at this, and i can't see anything that's wrong. the
>> > output
>> > of ipmasqadm looks compelling. it LOOKS like it should be
>>working.
>> >
>> > help! any advice? what exactly is the difference between
>> > INTERN_SERVERS and INTER_.*_SERVER? i'm not too sure what an
>> > "aliased IP address" is. does that refer to a masqueraded ip
>>address
>> > (like 192.168.0.2)?
>> >
>> > any help greatly appreciated. i've been staring at this for far
>>too
>> > long. :)
>> >
>> > pete
>> >
>> > --
>> > PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA
>>951D
>> > PGP Public Key: finger [EMAIL PROTECTED]
>> >
>> > _______________________________________________
>> > Leaf-user mailing list
>> > [EMAIL PROTECTED]
>> > https://lists.sourceforge.net/lists/listinfo/leaf-user
>> >
>
-------------------------------------------------------------
Reginald R. Richardson
[EMAIL PROTECTED] on 1/15/2002
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
