Hey

I am not using the domain name to connect to the mail server that is hidden behind the NAT firewall box, as I cannot connect to it with the domain name, but I can connect to it via the IP address.

What am I doing wrong?

Thanks

-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Daniel Chemko
Sent: Sunday, August 03, 2003 2:21 PM
To: Ian McBeth
Cc: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: forwarding based on hostname

I would not recommend using domain names in the submission to iptables if it is supported or not.

1. Do a resolution of the domain every once in a while and resubmit the rule to iptables.

If the firewall ever has any issues resolving domain names, then the rules requiring it would break. It is generally a bad idea to have the packet firewall relying on any external service to perform its job. Remote access services need authenticators but beyond that, limited liability DNS, and monitoring the firewall shouldn't be talking that much.

Ian McBeth wrote:

>Hello
>
>I have an issue where I have forwarded the ports to an internal mail
>server. Based off ip it works but when you get the hostname in there it
>seems to get lost. No error is given just hangs and outlook says the
>connection was interrupted.
>
>Using cat /proc/net/ip_conntrack it does not even appear to be
>connecting.
>
>Any help would be great as I am kind of new at iptables NAT
>configurations.
>
>Thanx
>
>Ian McBeth
>
>p.s. I have not really looked too deeply into this but can you forward
>based off hostnames to your internal network?
>
>e.g.
>mail.domainname.net --> NAT --> 192.168.0.x
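
Added example, not part of the thread or of netfilter: one way to follow the advice above of resolving the name outside the rule and resubmitting it, while keeping the last known-good rule when DNS fails or returns something that is not an IPv4 address. The function names, the rule position `1` in PREROUTING, port 25, the hypothetical host name and the use of glibc's `getent` are assumptions; the script only prints the `iptables` command, it does not run it.

```shell
#!/bin/sh
# Added example; names, rule position and addresses are assumptions.

# Succeed only for a dotted-quad IPv4 address with every octet <= 255.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1            # split the validated address into four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Resolve a name to one IPv4 address (assumes glibc's getent is available).
resolve_host() {
    getent ahostsv4 "$1" | awk '{ print $1; exit }'
}

# Print the DNAT rule arguments; refuses anything that is not a literal
# IPv4 address, so a host name never reaches the rule itself.
# args: internal IP, TCP port
dnat_rule() {
    is_ipv4 "$1" || return 1
    printf '%s\n' "-p tcp --dport $2 -j DNAT --to-destination $1:$2"
}

# Decide what to do with the existing rule.
# args: last-known-good IP, freshly resolved IP (may be empty), TCP port
# Prints "keep" when the lookup failed, was invalid, or is unchanged;
# otherwise prints the command that replaces rule 1 in nat/PREROUTING.
plan_update() {
    if ! is_ipv4 "$2" || [ "$2" = "$1" ]; then
        echo keep
        return 0
    fi
    printf 'iptables -t nat -R PREROUTING 1 %s\n' "$(dnat_rule "$2" "$3")"
}

# Typical use from cron (hypothetical host name and state variable):
#   plan_update "$last_good" "$(resolve_host mail.internal.example)" 25
```

Because a failed lookup yields `keep`, a DNS outage leaves the existing forward in place instead of breaking it.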