From owner-freebsd-isp@FreeBSD.ORG Sat Jun 26 09:00:39 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD01416A4CF for ; Sat, 26 Jun 2004 09:00:39 +0000 (GMT) Received: from pd2mq1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id B18D043D5A for ; Sat, 26 Jun 2004 09:00:39 +0000 (GMT) (envelope-from gbaratto@superb.net) Received: from pd3mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HZV001GWP6LA6@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 13:08:45 -0600 (MDT) Received: from pd2mr3so.prod.shaw.ca (pd2mr3so-ser.prod.shaw.ca [10.0.141.108])2003)) with ESMTP id <0HZV007RYOMTHD@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:56:53 -0600 (MDT) Received: from pn2ml4so.prod.shaw.ca ([10.0.121.148]) by pd2mr3so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0HZV00I5KOMT0D00@pd2mr3so.prod.shaw.ca> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:56:53 -0600 (MDT) Received: from chivas (S01060080c8118809.vc.shawcable.net [24.85.89.252]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with SMTP id <0HZV0056OOMT9F@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:56:53 -0600 (MDT) Date: Fri, 25 Jun 2004 11:56:07 -0700 From: "Gustavo A. Baratto" To: freebsd-isp@freebsd.org Message-id: <02b501c45ae6$12b8dee0$6400a8c0@chivas> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 X-Mailer: Microsoft Outlook Express 6.00.2800.1409 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT X-Priority: 3 X-MSMail-priority: Normal References: <028201c45ade$5a6b2f70$6400a8c0@chivas> <200406252030.58892.bln@bln.no-ip.org> Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jun 2004 09:00:40 -0000 yes, sorry my bad... I put that after a deny... it works like a charm Thank you very much!! ----- Original Message ----- From: "Ondra Holecek" To: "Gustavo A. Baratto" ; Sent: Friday, June 25, 2004 11:30 AM Subject: Re: ipfw and mail > On Friday 25 June 2004 20:21, Gustavo A. Baratto wrote: > > Thank you very much... but I think it doesnt work :( > > > > umail7# ipfw delete 200 > > umail7# ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > > 01400 fwd 127.0.0.1,25 tcp from any to me dst-port 2525 keep-state > > for me it is working.. does this rule really have number 1400? It is important > to have it before any other matching rule > > if you have rule > 0400 60 4530 deny log ip from any to any > > you are always blocked at 400 and never go to 1400 > > > umail7# telnet 207.228.225.128 2525 > > Trying 207.228.225.128... > > telnet: connect to address 207.228.225.128: Connection refused > > telnet: Unable to connect to remote host > > > > I tried the IP as well, instead of localhost... it doesnt work. > > > > look the telnet response from port 25: > > -bash-2.05b$ telnet 207.228.225.128 25 > > Trying 207.228.225.128... > > Connected to smtp3.superb.net. > > Escape character is '^]'. > > 220 smtp3.superb.net ESMTP > > > > thanks :) > > > > ----- Original Message ----- > > From: "Ondra Holecek" > > To: > > Sent: Friday, June 25, 2004 11:10 AM > > Subject: Re: ipfw and mail > > > > > On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote: > > > > Hello guys, > > > > > > > > some of our users' ISPs don't allow them to use port 25, so they cannot > > > > use > > > > > > out mail server. > > > > > > > > I want to open a new port (2525) and forward all packets from 2525 to > > > > 25 so, they can use mail. > > > > > > > > I tried this in IPFW: > > > > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state > > > > 0200 0 0 divert 25 ip from any to me dst-port 2525 > > > > keep-state > > > > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > this line does something other > > > try to use this: > > > ipfw delete 200 > > > ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > > > > > > > 0300 103075 35531648 allow ip from me to any keep-state > > > > 0400 60 4530 deny log ip from any to any > > > > > > > > > > > > If I telnet directly to port 25, I can get the prompt, but if I telnet > > > > to > > > > > > port 2525, I get a connection refused. > > > > > > > > What should I do in ipfw to forward port 2525 to port 25 tranparently? > > > > > > > > Thanks > > > > _______________________________________________ > > > > freebsd-isp@freebsd.org mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >