Date: Mon, 20 Nov 2000 11:59:00 -0700 (MST) From: Nick Rogness <nick@rapidnet.com> To: Hamilton Hoover <hamilton@twopoint.com> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>, "freebsd-questions@FreeBSD.ORG" <freebsd-questions@freebsd.org> Subject: Re: dual homed gateway system running ipfw and nat. need rules help. Message-ID: <Pine.BSF.4.21.0011201153320.68323-100000@rapidnet.com> In-Reply-To: <3A196E28.3A9806A1@twopoint.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 20 Nov 2000, Hamilton Hoover wrote:
> Hi all,
Hello.
>
> I am running a dual homed system (2 nics) acting as a gateway/firewall
> for our office T1. The private net uses 192.x.x.x and the public uses a
> 'real' address of 209.x.x.x. The firewall is up and seems to be working
> well. I used rc.firewall "simple" and have customized it to our needs.
> All outgoing requests appear to to originating from the public
> interface. I want to be able to do two things that I have not been able
> to figure out yet.
>
> 1) We keep out pop server on the private net. I need to be able to get
> the incoming mail passed to the mail server that has a 192.x.x.x
> address. I was thinking something like:
>
Incoming from the outside or inside?
> ${fwcmd} pass tcp from any 25 to 192.x.x.x
>
The POP server runs on port 110 not 25, that's SMTP.
> Is this solid or am I opening myself up from more problems. I don't want
> to relay from outside as mail is only checked from inside the private
> side.
>
If you don't want mail from the outside world or users to send
mail to the outside world, then this should work. Is the BSD
machine acting as a mail server?
Nick Rogness
- Drive defensively. Buy a tank.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011201153320.68323-100000>