I want to port forward any packets sent to port 25 on the external interface
to an internal email server but I seem to be having trouble doing so. I've
made the necessary changes to the network config file but the changes aren't
taking hold. I've rebooted the server twice to no avail (I'm a M$ techie :) ).

Here's the network config file condensed:

<snip>

# ICMP types to open
# Space separated list: proto_destIP/mask_port#NOMASQ_DEST="tcp_0/0_ssh"
# Indexed list: "SrcAddr/Mask type [ DestAddr[/DestMask] ]"
#EXTERN_ICMP_PORT0="0/0 : 1.1.1.12"

## UDP Services open to outside world
# Space separated list: srcip/mask_dstport
# NOTE: bootpc port is used for dhcp client
#EXTERN_UDP_PORTS="0/0_domain 0/0_bootpc"

# -or-
# Indexed list: "SrcAddr/Mask port [ DestAddr[/DestMask] ]"
#EXTERN_UDP_PORT0="0/0 domain"
#EXTERN_UDP_PORT1="5.6.7.8 500 1.1.1.12"

# TCP services open to outside world
# Space separated list: srcip/mask_dstport
EXTERN_TCP_PORTS="xxx.xxx.0.0/16_ssh 0/0_www 0/0_8080 0/0_25"  <--edited to hide actual addrs

# -or-
# Indexed list: "SrcAddr/Mask port [ DestAddr[/DestMask] ]"
#EXTERN_TCP_PORT0="5.6.7.8 domain 1.1.1.12"
#EXTERN_TCP_PORT1="0/0 www"

<snip>

###############################################################################
# Port Forwarding
###############################################################################
# Remember to open appropriate holes in the firewall rules, above

# Uncomment following for port-forwarded internal services.
# The following is an example of what should be put here.
# Tuples are as follows:
#       <protocol>_<local-ip>_<local-port>_<remote-ip>_<remote-port>
INTERN_SERVERS="tcp_${EXTERN_IP}_smtp_192.168.1.4_smtp
tcp_${EXTERN_IP}_8080_192.168.1.15_www

# These lines use the primary external IP address...if you need to port-forward
# an aliased IP address, use the INTERN_SERVERS setting above
#INTERN_FTP_SERVER=192.168.1.1  # Internal FTP server to make available
#INTERN_WWW_SERVER=192.168.1.1  # Internal WWW server to make available
#INTERN_SMTP_SERVER=192.168.1.1 # Internal SMTP server to make available
#INTERN_POP3_SERVER=192.168.1.1 # Internal POP3 server to make available
#INTERN_IMAP_SERVER=192.168.1.1 # Internal IMAP server to make available
#INTERN_SSH_SERVER=192.168.1.1  # Internal SSH server to make available
#EXTERN_SSH_PORT=24             # External port to use for internal SSH access

# Advanced settings: parameters passed directly to portfw and autofw
# Indexed list: "<ipmasqadm portfw options>"
#INTERN_SERVER0="-a -P PROTO -L LADDR LPORT -R RADDR RPORT [-p PREF]"
#INTERN_SERVER1=""
# Indexed list: "<ipmasqadm autofw options>"
#INTERN_AUTOFW0="-A -r tcp 20000 20050 -h 192.168.1.1"
#INTERN_AUTOFW1=""

<snip>

Running the Port Probe function at www.grc.com reveals port 25 to be in
stealth mode which under any other circumstances would be great but not
under the current circumstance! The same probe shows port 80 to be open
which is what I intended. The IP address for our email server is
192.168.1.4. It's an Exchange box with ports SMTP, POP3, and IMAP opened.

Currently running Dachstein CD 1.0.2.

~Doug


leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
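An added example, not part of the original post and not LEAF/Dachstein code: a small lint for the two settings shown above. It checks each INTERN_SERVERS tuple against the documented `<protocol>_<local-ip>_<local-port>_<remote-ip>_<remote-port>` form, confirms that a matching EXTERN_TCP_PORTS hole exists, and reports assignments whose closing quote is missing. The service-name table and the "value runs into a blank or comment line" heuristic are assumptions made for this example.

```python
import re

# Constructed subset of /etc/services covering the names used in the post.
SERVICES = {"ssh": 22, "smtp": 25, "domain": 53, "www": 80, "pop3": 110, "imap": 143}
TUPLE = re.compile(r'^(tcp|udp)_(\$\{\w+\}|[\d.]+)_([a-z0-9-]+)_([\d.]+)_([a-z0-9-]+)$')

def port_num(p):
    """Numeric port, or a known service name; None if unresolvable."""
    return int(p) if p.isdigit() else SERVICES.get(p)

def parse_vars(text):
    """Return ({NAME: value}, [NAMEs whose closing double quote is missing])."""
    values, unterminated = {}, []
    lines = iter(text.splitlines())
    for line in lines:
        m = re.match(r'\s*([A-Z][A-Z0-9_]*)="(.*)$', line)
        if not m:
            continue                       # comment, blank, or unquoted line
        name, parts = m.group(1), [m.group(2)]
        while '"' not in parts[-1]:        # value continues on the next line
            nxt = next(lines, "")
            if not nxt.strip() or nxt.lstrip().startswith("#"):
                unterminated.append(name)  # heuristic: hit blank/comment/EOF
                break
            parts.append(nxt)
        values[name] = " ".join(parts).split('"')[0]
    return values, unterminated

def lint(text):
    """Return findings for quoting, tuple syntax and missing firewall holes."""
    values, unterminated = parse_vars(text)
    findings = [f"{n}: closing quote missing" for n in unterminated]
    opened = {port_num(e.rsplit("_", 1)[-1])
              for e in values.get("EXTERN_TCP_PORTS", "").split()}
    opened.discard(None)                   # ignore unresolvable port names
    for tup in values.get("INTERN_SERVERS", "").split():
        m = TUPLE.match(tup)
        if not m:
            findings.append(f"{tup}: not <proto>_<ip>_<port>_<ip>_<port>")
        elif m.group(1) == "tcp" and port_num(m.group(3)) not in opened:
            findings.append(f"{tup}: no EXTERN_TCP_PORTS hole for {m.group(3)}")
    return findings

# Constructed sample mirroring the condensed listing in the post.
SAMPLE = '''EXTERN_TCP_PORTS="xxx.xxx.0.0/16_ssh 0/0_www 0/0_8080 0/0_25"
INTERN_SERVERS="tcp_${EXTERN_IP}_smtp_192.168.1.4_smtp
tcp_${EXTERN_IP}_8080_192.168.1.15_www

#INTERN_FTP_SERVER=192.168.1.1
'''

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)) or "no findings")
```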