On 10/16/05, Tommaso Di Donato <[EMAIL PROTECTED]> wrote: > > Module probably isn't loaded (it's only loaded if CP is in use I > > believe). > Mmmh, I think it is (I loaded it by hand with "kldload ipfw.ko"): > > # kldstat > Id Refs Address Size Name > 1 4 0xc0400000 68cca0 kernel > 2 16 0xc0a8d000 55fdc acpi.ko > 3 1 0xc25e2000 c000 ipfw.ko > > But I am not a FBSD guru, so I may be wrong.. Do I have to load some other > module?
Nope, looks like it's loaded. Not sure where to take it from here, I personally haven't touched ipfw in years. > > Any reason you wouldn't just create a port forward for > > this? Seems like what you want to do is forward any traffic from > > 10.0.0.0/24 destined to port 110 anywhere to localhost on port 8110 > > (transparent pop3 server? interesting). This can be done easily in > > our GUI, just use a port forward (it was renamed from "Inbound NAT" to > > try and remind people it can be used in either direction). > > Good question.. You are right, I already tryed it but it does not work with > p3scan. P3scan acts as a transparent pop3 proxy, but seems to recognize the > real server IP only if I use ipfw redirection (this is what I understood > from p3scan mailing list). I already tried with pf, but seems not to work.. Got it, now I understand the problem (makes sense, I was wondering how it did transparent proxy w/out access to the destination IP:) ). So basically, it does a state lookup on the socket connected to it and figures out what the original IP was based on that. > Any idea? Maybe Scott will have an idea why IPFW isn't loading your ruleset. Other than that, waiting for the p3scan developers to "fix" this. BTW, if there's a finite number of pop3 servers you need to access and you know what they are, you can run multiple instances of p3scan, one for each server and redirect the individual servers to specific p3scan instances. Not elegant, but it might work in a crunch. --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
