From: Brian Candler
To: Kobus de Wit
Cc: freebsd-isp@freebsd.org
Date: Sat, 13 May 2006 08:10:24 +0100
Subject: Re: FreeBSD as Server

On Sat, May 13, 2006 at 06:25:29AM +0300, Kobus de Wit wrote:
> I have an email (EXIM mail) server in one of the internal networks
> and will have more shortly. The external public IP address of the mail
> server is on the same subnet as my FreeBSD server. I'm unsuccessfully
> trying to, within pf.conf (rdr), to forward traffic destined for the
> mail server to the mail server. My rdr entry within pf.conf is as
> follows:-
> rdr on $ext_if proto tcp from any to $external_addr/32 port 25 ->
> 10.64.101.4 port 25. ($external_addr is defined earlier on in pf.conf.)
>
> Am I missing some entries?

Well, the freebsd-pf mailing list is probably a better place to ask
pf-specific questions.

$external_addr needs to be configured as an IP alias on your freebsd box's
public-side NIC. Have you done this?

Can you ping $external_addr from the outside world?

What happens when you telnet to $external_addr port 25 from the outside
world? In particular, if you run tcpdump on the exim box while this happens,
what do you see? Use

    tcpdump -i fxp0 -n -s1500 'tcp port 25 or icmp'

Note that the exim box will need to point its defaultroute at the freebsd
box, otherwise the response packets won't be subject to NAT in the reverse
direction.

> Should I get my network provider to route traffic for the mail server
> to my FreeBSD server's IP address?

The question doesn't really make sense. It's nothing to do with your network
provider, unless your network provider manages your DNS for you. It's the MX
records for example.com which determine which machine gets contacted when
you try to send mail to foo@example.com.

Brian.
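The tcpdump check suggested in the reply above can be read mechanically. The following is an added example, not part of the original message: it classifies a capture taken on the mail server during an outside connection test. The capture lines are constructed, the modern tcpdump "Flags [..]" output format is assumed, 198.51.100.7 is a hypothetical outside client, and the advice strings are one interpretation of each pattern.

```python
import re

# Matches TCP lines from `tcpdump -n` in the modern "Flags [..]" format (assumed).
LINE = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]*)\]")

# Constructed sample: replies leave the mail server but the client keeps
# retransmitting its SYN, so the SYN-ACK never got back through the NAT box.
BROKEN_RETURN = """\
08:10:24.100000 IP 198.51.100.7.51234 > 10.64.101.4.25: Flags [S], seq 1000, win 65535, length 0
08:10:24.100100 IP 10.64.101.4.25 > 198.51.100.7.51234: Flags [S.], seq 2000, ack 1001, win 65535, length 0
08:10:27.100000 IP 198.51.100.7.51234 > 10.64.101.4.25: Flags [S], seq 1000, win 65535, length 0
08:10:27.100100 IP 10.64.101.4.25 > 198.51.100.7.51234: Flags [S.], seq 2000, ack 1001, win 65535, length 0
"""
# Constructed sample: a complete three-way handshake.
WORKING = """\
08:10:24.100000 IP 198.51.100.7.51234 > 10.64.101.4.25: Flags [S], seq 1000, win 65535, length 0
08:10:24.100100 IP 10.64.101.4.25 > 198.51.100.7.51234: Flags [S.], seq 2000, ack 1001, win 65535, length 0
08:10:24.150000 IP 198.51.100.7.51234 > 10.64.101.4.25: Flags [.], ack 2001, win 65535, length 0
"""

def diagnose(capture: str, mail_ip: str = "10.64.101.4", port: int = 25) -> str:
    """Classify a capture taken on the mail server during an outside test."""
    syn_in = synack_out = ack_in = rst_out = 0
    for m in LINE.finditer(capture):
        src, sport, dst, dport, flags = m.groups()
        to_mail = dst == mail_ip and int(dport) == port
        from_mail = src == mail_ip and int(sport) == port
        if to_mail and flags == "S":
            syn_in += 1          # redirected connection attempt arrived
        elif from_mail and flags == "S.":
            synack_out += 1      # mail server answered
        elif from_mail and "R" in flags:
            rst_out += 1         # mail server reset the connection
        elif to_mail and "S" not in flags and "R" not in flags and synack_out:
            ack_in += 1          # client saw the SYN-ACK and continued
    if syn_in == 0:
        return "no SYN reached the mail server: check the IP alias and the rdr rule"
    if rst_out:
        return "mail server refused the connection: check what is listening on the port"
    if synack_out == 0:
        return "SYN arrived but was not answered: check the mail server's own filtering"
    if ack_in == 0:
        return "SYN-ACK sent but handshake never completed: check the default route"
    return "handshake completed: redirect and return path work"
```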