Maybe u can help me out here... I have the same problem as you had, whereas the Bride was inside waiting while the groom stood outside behind the lockdoor..
I tried all options that u were told to try, but still my portforwarding is giving problems...... can u probably be so kind as to send me a copy of your network.conf.. i'm using dachstein cd v1.02 here's my loaded modules: ip_masq_autofw ip_masq_ftp ip_masq_icq ip_masq_mfw ip_masq_mms ip_masq_portfw ip_masq_pptp ip_masq_raudio ip_masq_user ip_gre This is where i think i open the door for the grooom: # TCP services open to outside world # Space seperated list: srcip/mask_dstport EXTERN_TCP_PORTS="0/0_1723 0/0_smtp 0/0_pop-3" And this is where i enable the portforwarding: # <protocol>_<local-ip>_<local-port>_<remote-ip>_<remote-port> #INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.1.1_ftp tcp_${EXTERN_IP}_smtp_192.168.1.1_smtp" # These lines use the primary external IP address...if you need to port-forward # an aliased IP address, use the INTERN_SERVERS setting above #INTERN_FTP_SERVER=192.168.1.1 # Internal FTP server to make available #INTERN_WWW_SERVER=192.168.10.5 # Internal WWW server to make available INTERN_SMTP_SERVER=192.168.10.1 # Internal SMTP server to make available INTERN_POP3_SERVER=192.168.10.1 # Internal POP3 server to make available #INTERN_IMAP_SERVER=192.168.1.1 # Internal IMAP server to make available #INTERN_SSH_SERVER=192.168.1.1 # Internal SSH server to make available #EXTERN_SSH_PORT=24 # External port to use for internal SSH access when i send a test e-mail to my e-mail server behind the firewall, and i use TCPDUMP to check, i can see the smtp packet arriving, but when i check the Mail Server SMTP log, i see no incoming connections... thnks for your help... On Thu, 3 Jan 2002 00:25:26 -0800, Peter Jay Salzman wrote: >dan, you hit the nail on the head. the bride was definitely locked >out >of the church. > >once the lock was opened, she came screaming down the isle, rushed >the >altar and now the deed is done. i'm running a fully operational >dachstein cd firewall. > >thank you! > >pete > >begin [EMAIL PROTECTED] <[EMAIL PROTECTED]> >> Do you have the corresponding ports *open* in the EXTERN_TCP_PORTS >>section? If >> not, the forwarding rules are inside waiting for a bride that's >>locked out of >> the church ;) >> >> Also, since it looks like you have re-numbered your network from >>the default >> (changed 192.168.1 to 192.168.0) you should have a stroll back >>thru your >> configs, to make sure you have changed every instance of 192.168.1. >> >> Dan >> >> Quoting Peter Jay Salzman <[EMAIL PROTECTED]>: >> >> > i'm using dachstein 1.0.2 on a home network firewall. everything >> > seems >> > hunky dory: >> > >> > network cards are both recognized and configured correctly >> > masquerading works on the internal machines >> > everyone can ping everyone, both inside and out. >> > >> > the last hurdle is port forwarding -- it looks ok, but isn't >>working >> > (i'm not receiving mail, and i can't telnet to the smtp port >>from a >> > remote machine). note that the internal server that handles >>mail, ftp >> > and apache is satan.diablo.net (192.168.0.2). the firewall is >> > mephisto.diablo.net (eth0: 64.164.47.8 eth1: 192.168.0.1). >> > >> > modules: >> > ip_masq_user 3708 0 (unused) >> > ip_masq_portfw 2416 4 >> > ip_masq_ftp 3576 0 (unused) >> > ip_masq_mfw 3196 0 (unused) >> > ip_masq_autofw 2476 0 (unused) >> > rtl8139 10856 1 >> > tulip 32424 1 >> > pci-scan 2300 0 [rtl8139 tulip] >> > isofs 17692 0 >> > ide-cd 22672 0 >> > cdrom 26712 0 [ide-cd] >> > >> > forwarded ports: >> > # ipmasqadm portfw -l >> > prot localaddr rediraddr lport >>rport pcnt >> > pref >> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net >>satan.diablo.localnet 24 >> > ssh 10 10 >> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net >>satan.diablo.localnet smtp >> > smtp 10 10 >> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net >>satan.diablo.localnet www >> > www 10 10 >> > TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net >>satan.diablo.localnet ftp >> > ftp 10 10 >> > >> > here are the relevent variables i've set. i'm wondering what the >> > difference between them is. they look to do the same thing to >>me: >> > >> > INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.0.2_ftp >> > tcp_${EXTERN_IP}_smtp_192.168.0.2_smtp" >> > >> > # These lines use the primary external IP address...if you >>need to >> > # port-forward >> > # an aliased IP address, use the INTERN_SERVERS setting above >> > INTERN_FTP_SERVER=192.168.0.2 # Internal FTP server to make >> > available >> > INTERN_WWW_SERVER=192.168.0.2 # Internal WWW server to make >> > available >> > INTERN_SMTP_SERVER=192.168.0.2 # Internal SMTP server to make >> > available >> > #INTERN_POP3_SERVER=192.168.0.2 # Internal POP3 server to make >> > available >> > #INTERN_IMAP_SERVER=192.168.0.2 # Internal IMAP server to make >> > available >> > INTERN_SSH_SERVER=192.168.0.2 # Internal SSH server to make >> > available >> > EXTERN_SSH_PORT=24 # External port to use for >>internal >> > SSH >> > >> > i'm looking at this, and i can't see anything that's wrong. the >> > output >> > of ipmasqadm looks compelling. it LOOKS like it should be >>working. >> > >> > help! any advice? what exactly is the difference between >> > INTERN_SERVERS and INTER_.*_SERVER? i'm not too sure what an >> > "aliased IP address" is. does that refer to a masqueraded ip >>address >> > (like 192.168.0.2)? >> > >> > any help greatly appreciated. i've been staring at this for far >>too >> > long. :) >> > >> > pete >> > >> > -- >> > PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA >>951D >> > PGP Public Key: finger [EMAIL PROTECTED] >> > >> > _______________________________________________ >> > Leaf-user mailing list >> > [EMAIL PROTECTED] >> > https://lists.sourceforge.net/lists/listinfo/leaf-user >> > > ------------------------------------------------------------- Reginald R. Richardson [EMAIL PROTECTED] on 1/15/2002 _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user