From owner-freebsd-isp  Fri Mar 10  6:45: 3 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from thehousleys.net (frenchknot.ne.mediaone.net [24.147.224.201])
	by hub.freebsd.org (Postfix) with ESMTP id 6C02E37BF86
	for <isp@FreeBSD.ORG>; Fri, 10 Mar 2000 06:44:58 -0800 (PST)
	(envelope-from jim@thehousleys.net)
Received: from thehousleys.net (baby.int.thehousleys.net [192.168.0.24])
	by thehousleys.net (8.9.3/8.9.3) with ESMTP id JAA32749;
	Fri, 10 Mar 2000 09:44:56 -0500 (EST)
Message-ID: <38C90A68.395BCAE@thehousleys.net>
Date: Fri, 10 Mar 2000 09:44:56 -0500
From: James Housley <jim@thehousleys.net>
Organization: The Housleys dot Net
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.4-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Matthew Hagerty <matthew@venux.net>
Cc: isp@FreeBSD.ORG
Subject: Re: POP3 proxy possible?
References: <4.2.2.20000307101901.00a20200@mail.venux.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Matthew Hagerty wrote:
> 
> Greetings,
> 
> I was wondering if there is a way to proxy a port, specifically pop3(110),
> to another computer.  Something like:
> 
> "If a connection comes in on my port 110, forward to ip:port"
> 
> What I have is a firewall setup like this:
> 
> Internet
>      |
>      |
> +--------+                            +---------+
> | router |                            | Bastion |
> +--------+                            +---------+
>      |          Perimeter Network           |
>      +--------------------------------------+
>      Real IP assignment  |
>                          |
>                    +-----------+
>                    | Firewall  |
>                    | NATd IPFW |
>                    +-----------+
>                          |
>       +----------------------------------+
>       |    Fake IP assignment 10.0.0.0/24
>   +------+
>   | pop3 |
>   +------+
> 
This is a snipit from the nat.cf of the FreeBSD firewall at a local
school.  I believe this is exactly what you want.

#
# Inbound SMTP
redirect_port           tcp 192.168.0.193:25 25

#
# Inbound WWW
redirect_port           tcp 192.168.0.193:80 80
redirect_port           tcp 192.168.0.193:2000 2000
redirect_port           tcp 192.168.0.193:2001 2001

#
# Inbound POP3
redirect_port           tcp 192.168.0.193:110 110

Jim
-- 
The wise man built his network upon U*nx.
    The foolish man built his network upon Windows.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message