Date: Mon, 26 Oct 1998 13:02:25 -0800 From: Chad Thunberg <chadth@atvideo.com> To: "'Jim Flowers'" <jflowers@ezo.net> Cc: "'freebsd-securirty@freebsd.org'" <freebsd-securirty@FreeBSD.ORG>, "'freebsd-questions@freebsd.org'" <freebsd-questions@FreeBSD.ORG> Subject: RE: firewall + internal mail server Message-ID: <01BE00E0.E1733250@chadth.atvideo.com>
next in thread | raw e-mail | index | archive | help
Jim, Thank you for your response but I am unable to get this below to work. It appears that natd is not listening to that port. Do I need to do anything to make natd monitor the port? Sendmail is disabled on the firewalling machine, making port 25 available to be bound too. I also tried redirect_port tcp ip.of.mail.server:25 25 as well as redirct_port tcp ip.of.mail.server:25 ip.of.public.interface:25 Any more input would be great. Thanks, -Chad -----Original Message----- From: Jim Flowers [SMTP:jflowers@ezo.net] Sent: Thursday, October 22, 1998 12:35 PM To: Chad Thunberg Cc: freebsd-security@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG Subject: Re: firewall + internal mail server Just did it. Very simple to implement NAT (natd) and use the redirect-port capability: natd - interface ed0 redirect_port other_host:smtp smtp \ -redirect_port other_host:pop3 pop3 All your other reserved addresses will be translated per usual. Works like a charm with MS Exchange. Jim Flowers <jflowers@ezo.net> #4 ISP on C|NET, #1 in Ohio On Thu, 22 Oct 1998, Chad Thunberg wrote: > I am setting up a firewall and enabled natd but have an internal mail > server. Is there a way to still be able to access the internal mail server > from the outside for sending and receiving email? I thought about giving > the firewall a vhost of mail.host.com and diverting packets that came in > from 110 and 25 to the internal mail server but from the man pages, divert > seems to be used for diverting packets from one port to another on the same > machine instead of diverting them to a new or ineternal ip. Any help on the > subject would be great. I would rather not put the mail server outside of > the firewall. good idea, although on a perimeter network with a good wrapper is even better. > > Thanks, > -Chad > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BE00E0.E1733250>