From owner-freebsd-questions  Thu Dec 16 14:11:44 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from sax.sax.de (sax.sax.de [193.175.26.33])
	by hub.freebsd.org (Postfix) with ESMTP id 2E139158BF
	for <freebsd-questions@FreeBSD.ORG>; Thu, 16 Dec 1999 14:11:39 -0800 (PST)
	(envelope-from mw@theatre.sax.de)
Received: (from uucp@localhost)
	by sax.sax.de (8.9.3/8.9.3) with UUCP id XAA26598;
	Thu, 16 Dec 1999 23:11:30 +0100 (CET)
Received: by theatre.sax.de (8.9.3/8.6.12-s1)
	id WAA15185; Thu, 16 Dec 1999 22:35:35 +0100 (CET)
Date: Thu, 16 Dec 1999 22:35:34 +0100
From: Martin Welk <mw@theatre.sax.de>
To: Scott Worthington <SWorthington@hsag.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Proper use of natd for mail (port 25)...
Message-ID: <19991216223534.C13659@theatre.sax.de>
References: <s858d921.054@internal.hsag.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <s858d921.054@internal.hsag.com>; from SWorthington@hsag.com on Thu, Dec 16, 1999 at 12:20:29PM -0700
Organization: Private UUCP/Usenet site.
X-Phone: +49 3731 458867
X-Operating-System: FreeBSD http://www.freebsd.org/
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Scott, I have set up similar configurations at work and for customers -
for example, for VNC access of a Windoze box from special hosts in the
outer world or using FileMaker databases. It works flawlessly - I tried
to look through for mail carefully but didn't find anything, sorry.

Please add a ``log'' parameter to your firewall rules and look where
the packets go and how they look like (and you can give us some useful
excerpt from it, I mean, what happens to the packet(s) on their way?)

You could even tcpdump -i fxp1 to see which packets go through that net.

I think the packets coming back from your internal SMTP server don't pass
natd, because you do divert those packets if they go via fxp0. A private
nework (10.0/8, 172.I.was.to.lazy.to.look.in./etc/hosts, 192.168/16) should
never be routed to the outer world, maybe that's the simple reason.

Remove the ``via fxp0'' parameter from the divert rule.

Good luck,

Martin
-- 
 /| /|        | /| /            ,,You know, there's a lot of opportunities,
/ |/ | artin  |/ |/ elk                     if you're knowing to take them,
                                  you know, there's a lot of opportunities,
Freiberg/Saxony, Germany                 if there aren't you can make them,
mw@sax.de / mw@theatre.sax.de          make or break them!'' (Tennant/Lowe)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message