Maybe u can help me out here...
I have the same problem as you had, whereas the Bride was inside waiting while
the groom stood outside behind the lockdoor..
I tried all options that u were told to try, but still my portforwarding is
giving problems..
can u probably be so kind as to send me a copy of your network.conf..
i'm using dachstein cd v1.02
here's my loaded modules:
ip_masq_autofw
ip_masq_ftp
ip_masq_icq
ip_masq_mfw
ip_masq_mms
ip_masq_portfw
ip_masq_pptp
ip_masq_raudio
ip_masq_user
ip_gre
This is where i think i open the door for the grooom:
# TCP services open to outside world
# Space seperated list: srcip/mask_dstport
EXTERN_TCP_PORTS=0/0_1723 0/0_smtp 0/0_pop-3
And this is where i enable the portforwarding:
# protocol_local-ip_local-port_remote-ip_remote-port
#INTERN_SERVERS=tcp_${EXTERN_IP}_ftp_192.168.1.1_ftp
tcp_${EXTERN_IP}_smtp_192.168.1.1_smtp
# These lines use the primary external IP address...if you need to port-forward
# an aliased IP address, use the INTERN_SERVERS setting above
#INTERN_FTP_SERVER=192.168.1.1 # Internal FTP server to make available
#INTERN_WWW_SERVER=192.168.10.5 # Internal WWW server to make available
INTERN_SMTP_SERVER=192.168.10.1 # Internal SMTP server to make available
INTERN_POP3_SERVER=192.168.10.1 # Internal POP3 server to make available
#INTERN_IMAP_SERVER=192.168.1.1 # Internal IMAP server to make available
#INTERN_SSH_SERVER=192.168.1.1 # Internal SSH server to make available
#EXTERN_SSH_PORT=24 # External port to use for internal SSH access
when i send a test e-mail to my e-mail server behind the firewall, and i use
TCPDUMP to check, i can see the smtp packet arriving, but when i check the Mail
Server SMTP log, i see no incoming connections...
thnks for your help...
On Thu, 3 Jan 2002 00:25:26 -0800, Peter Jay Salzman wrote:
dan, you hit the nail on the head. the bride was definitely locked
out
of the church.
once the lock was opened, she came screaming down the isle, rushed
the
altar and now the deed is done. i'm running a fully operational
dachstein cd firewall.
thank you!
pete
begin [EMAIL PROTECTED] [EMAIL PROTECTED]
Do you have the corresponding ports *open* in the EXTERN_TCP_PORTS
section? If
not, the forwarding rules are inside waiting for a bride that's
locked out of
the church ;)
Also, since it looks like you have re-numbered your network from
the default
(changed 192.168.1 to 192.168.0) you should have a stroll back
thru your
configs, to make sure you have changed every instance of 192.168.1.
Dan
Quoting Peter Jay Salzman [EMAIL PROTECTED]:
i'm using dachstein 1.0.2 on a home network firewall. everything
seems
hunky dory:
network cards are both recognized and configured correctly
masquerading works on the internal machines
everyone can ping everyone, both inside and out.
the last hurdle is port forwarding -- it looks ok, but isn't
working
(i'm not receiving mail, and i can't telnet to the smtp port
from a
remote machine). note that the internal server that handles
mail, ftp
and apache is satan.diablo.net (192.168.0.2). the firewall is
mephisto.diablo.net (eth0: 64.164.47.8 eth1: 192.168.0.1).
modules:
ip_masq_user3708 0 (unused)
ip_masq_portfw 2416 4
ip_masq_ftp 3576 0 (unused)
ip_masq_mfw 3196 0 (unused)
ip_masq_autofw 2476 0 (unused)
rtl813910856 1
tulip 32424 1
pci-scan2300 0 [rtl8139 tulip]
isofs 17692 0
ide-cd 22672 0
cdrom 26712 0 [ide-cd]
forwarded ports:
# ipmasqadm portfw -l
prot localaddrrediraddr lport
rport pcnt
pref
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
satan.diablo.localnet 24
ssh 10 10
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
satan.diablo.localnet smtp
smtp 10 10
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
satan.diablo.localnet www
www 10 10
TCP adsl-64-164-47-8.dsl.scrm01.pacbell.net
satan.diablo.localnet ftp
ftp 10 10
here are the relevent variables i've set. i'm wondering what the
difference between them is. they look to do the same thing to
me:
INTERN_SERVERS=tcp_${EXTERN_IP}_ftp_192.168.0.2_ftp
tcp_${EXTERN_IP}_smtp_192.168.0.2_smtp
# These lines use the primary external IP