> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:leaf-user- > [EMAIL PROTECTED] On Behalf Of Kwon > Sent: Tuesday, April 17, 2007 5:41 AM > To: leaf-user@lists.sourceforge.net > Subject: Re: [leaf-user] Problem with Writing Shorewall Rule from DMZ to > DMZ? > > > It's kind of hard to say exactly what rule you need without more info, > > but it looks like you're trying to talk to the mail server using the > > public IP of your firewall. If you want this to work, you'll have to > > craft a shorewall rule that allows DMZ -> firewall traffic on port 25, > > and you may have to craft some custom tweaks, as well (looping through > > the firewall and back to the same network is not usually done, and since > > I haven't personally done this, I can't tell you exactly what rule(s) > > you might need). > > > You have described my problem precisely! Currently I have a rule: > DNAT net dmz:192.168.73.76 tcp 25,80,110,143,443 - $IP_QC > allow net traffic to the dmz. But this rule does not allow traffic > from dmz -> firewall -> DNAT -> dmz? > > > I'd personally recommend you configure your asterisk box to talk to the > > private IP of the gentoo mail server directly, rather than try to relay > > traffic through the firewall, which is inefficient and may require > > custom tweaks. > > > I am trying to do that at the moment; but the Trixbox/Asterisk box > use sendmail, and the following rule in /etc/mail/sendmail.rc: > define(`SMART_HOST',`192.168.73.76') > may or may not work? I use Postfix mostly and not sure if the > above works? I will ask in another mailing list.
That rule tells the sendmail on your Asterix box to relay everything which is not local to 192.168.73.76. That should do what you want, as long as the MTA running on your mail server is configured to relay mail from any host on your internal network (a typical configuration). For that change to have an effect, follow the instructions in the comments at the beginning of sendmail.rc. You need to compile sendmail.rc to generate sendmail.cf which is the configuration file used by the sendmail daemon. Sendmail.rc is the "source" file containing macros that are expanded by m4 to generate sendmail.cf. Then reload or restart your sendmail and send a test message somewhere. -Bob Gregory ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
