Date:      Tue, 21 Nov 2000 13:22:16 -0600
From:      Hamilton Hoover <hamilton@twopoint.com>
To:        Nick Rogness <nick@rapidnet.com>
Cc:        "freebsd-net@freebsd.org" <freebsd-net@FreeBSD.ORG>
Subject:   Re: dual homed gateway system running ipfw and nat. need rules help.
Message-ID:  <3A1ACB68.E9CA2862@twopoint.com>
References:  <Pine.BSF.4.21.0011210747001.92984-100000@rapidnet.com>

First, thanks so much for your help so far. The information I have
learned is invaluable. Should you ever be in my neck of the woods, beer
and pizza are on me.

I am so close at this point I can taste it. There are just a few bugs
left that I am having trouble with. At this point I am still not passing
mail from the firewall but I can see in various logs what is stopping
it. I am not sure how to circumvent this.

My natd.conf reads as follows:

dynamic no
use_sockets yes
same_ports yes
redirect_port tcp 192.x.x.x:25 209.x.x.x:25

where 192.x.x.x is the address of the mail server on the private net and
209.x.x.x is the address of the public interface of the firewall.

My firewall script has these rules for passing mail. I'm unsure if I
even need this with the redirect rule in natd.conf but I put it here
anyway. I have tried commenting it and the results were the same.

${fwcmd} add pass tcp from any 25 to 192.x.x.x 25

I have also tried

${fwcmd} add pass tcp from any 25 to 192.x.x.x 25 via ${iip}

Scanning open ports on the public side of the firewall I noticed that
only ssh 22 is open. I need to have port 25 open in order for this to
work, right? In rc.conf I have

sendmail_enable "NO"

changing this to

sendmail_enable "yes"

produces sendmail relaying denied errors. I'm pretty sure that I don't
really need sendmail running just to pass it through the firewall but I
don't seem to be able to open port 25 without it. Additionally I would
like the security email sent to myself and that only seems to work if
sendmail is running.

Any more help?

Hamilton Hoover
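
Editor's added example, not part of the original message and not ipfw's own code: a small Python model of how the address and port fields of an ipfw rule body are compared with a TCP packet, applied to the pass rule quoted above. It assumes a remote SMTP client connects from an ephemeral source port; the addresses and port 49152 are constructed stand-ins for the elided 192.x.x.x and a remote client.

```python
# Model of ipfw "from SRC [port] to DST [port]" matching for TCP packets.
# Only the address/port comparison is modelled, nothing else from ipfw.
from dataclasses import dataclass
from typing import Optional

MAIL = "192.168.0.10"     # constructed stand-in for the elided 192.x.x.x
CLIENT = "198.51.100.7"   # constructed remote SMTP client (documentation range)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    src: str                # an address, or "any"
    sport: Optional[int]    # None means no port given in the rule
    dst: str
    dport: Optional[int]

    def matches(self, p: Packet) -> bool:
        return (self.src in ("any", p.src)
                and self.sport in (None, p.sport)
                and self.dst in ("any", p.dst)
                and self.dport in (None, p.dport))

def first_match(rules, p):
    """Index of the first matching rule, or None (packet reaches the default rule)."""
    return next((i for i, r in enumerate(rules) if r.matches(p)), None)

# Packets as the firewall sees them once natd's redirect_port has rewritten
# the destination to the internal mail server.
inbound = Packet(CLIENT, 49152, MAIL, 25)   # client -> mail server
reply = Packet(MAIL, 25, CLIENT, 49152)     # mail server -> client

# "pass tcp from any 25 to 192.x.x.x 25": the source port must be 25 as well.
as_posted = [Rule("any", 25, MAIL, 25)]
# "pass tcp from any to MAIL 25" and "pass tcp from MAIL 25 to any".
by_dst_port = [Rule("any", None, MAIL, 25), Rule(MAIL, 25, "any", None)]

if __name__ == "__main__":
    for name, rules in (("as posted", as_posted), ("by dst port", by_dst_port)):
        print(name, first_match(rules, inbound), first_match(rules, reply))
```

In this model the rule as posted matches neither direction of the connection, while the pair keyed on the server's port 25 matches the inbound packet and its reply.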

