From: Chad Thunberg
To: "'freebsd-security@freebsd.org'"
Subject: FW: firewall + internal mail server
Date: Mon, 26 Oct 1998 13:18:54 -0800
Message-ID: <01BE00E3.2EDE9D70@chadth.atvideo.com>
Sender: owner-freebsd-security@FreeBSD.ORG

-----Original Message-----
From: Chad Thunberg [SMTP:chadth@atvideo.com]
Sent: Monday, October 26, 1998 1:02 PM
To: 'Jim Flowers'
Cc: 'freebsd-securirty@freebsd.org'; 'freebsd-questions@freebsd.org'
Subject: RE: firewall + internal mail server

Jim,

Thank you for your response, but I am unable to get this below to work. It appears that natd is not listening to that port. Do I need to do anything to make natd monitor the port? Sendmail is disabled on the firewalling machine, making port 25 available to be bound to.
I also tried

    redirect_port tcp ip.of.mail.server:25 25

as well as

    redirct_port tcp ip.of.mail.server:25 ip.of.public.interface:25

Any more input would be great.

Thanks,
-Chad

-----Original Message-----
From: Jim Flowers [SMTP:jflowers@ezo.net]
Sent: Thursday, October 22, 1998 12:35 PM
To: Chad Thunberg
Cc: freebsd-security@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG
Subject: Re: firewall + internal mail server

Just did it. Very simple to implement NAT (natd) and use the redirect-port capability:

    natd - interface ed0 redirect_port other_host:smtp smtp \
    * redirect_port other_host:pop3 pop3

All your other reserved addresses will be translated per usual. Works like a charm with MS Exchange.

Jim Flowers
#4 ISP on C|NET, #1 in Ohio

On Thu, 22 Oct 1998, Chad Thunberg wrote:

> I am setting up a firewall and enabled natd but have an internal mail
> server. Is there a way to still be able to access the internal mail server
> from the outside for sending and receiving email? I thought about giving
> the firewall a vhost of mail.host.com and diverting packets that came in
> from 110 and 25 to the internal mail server, but from the man pages, divert
> seems to be used for diverting packets from one port to another on the same
> machine instead of diverting them to a new or internal IP. Any help on the
> subject would be great. I would rather not put the mail server outside of
> the firewall.

Good idea, although on a perimeter network with a good wrapper is even better.

> Thanks,
> -Chad

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
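
Added example, not part of the original thread: a natd configuration file using the redirect_port syntax documented in natd(8), together with the ipfw divert rule natd depends on. ed0 is the interface named in the thread; 192.168.1.10 is a placeholder for the internal mail server's address, and the ipfw rule numbers are arbitrary.

```conf
# /etc/natd.conf -- added example, not from the thread.
# Assumptions: ed0 is the public interface (as in the thread);
# 192.168.1.10 is a placeholder for the internal mail server.
interface ed0

# Syntax per natd(8):
#   redirect_port proto targetIP:targetPORT [aliasIP:]aliasPORT
# proto is tcp or udp; the target is the inside host, and the alias
# port is the port on the firewall's public address.
redirect_port tcp 192.168.1.10:25 25      # SMTP to the mail server
redirect_port tcp 192.168.1.10:110 110    # POP3 to the mail server

# natd does not bind ports 25 or 110 itself. It reads packets from a
# divert socket (port "natd", 8668), so nothing is translated until
# ipfw hands the traffic on ed0 to it. That needs a kernel built with
# options IPFIREWALL and IPDIVERT, plus a rule such as:
#
#   ipfw add 100 divert natd all from any to any via ed0
#
# Packets re-enter the ruleset after the divert rule with the
# destination already rewritten, so later rules can match on the
# mail server's inside address. Fragment only; handling of
# established traffic and the default deny are site-specific:
#
#   ipfw add 200 allow tcp from any to 192.168.1.10 25 in via ed0
#   ipfw add 210 allow tcp from any to 192.168.1.10 110 in via ed0
```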