RE: YAPFQ (Yet Another Port forwarding Question)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is what makes it all worth while :->

-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx
[mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Kleiner, Peter
Sent: Thursday, December 04, 2003 2:49 PM
To: 'netfilter@xxxxxxxxxxxxxxxxxxx'
Subject: RE: YAPFQ (Yet Another Port forwarding Question)


> 1. Is the firewall that you're configuring the default route for the 
> IMAP server?
No.

> If it isn't, then you have to SNAT the initial connection to the IMAP 
> server.
You nailed it!!!!  Tried that, and it worked instantly.  Now that you 
suggested it, it makes perfect sense that the packets were coming into
the IMAP server with the public IP address and it (the server) was 
replying to that ip address via its default route, which is other than
the new gateway.  Thank you thank you thank you!!!!!

> 2. It probably isn't such a good habbit to use MASQ so liberally. You 
> should make sure to tie it to an interface. It is a good habbit to get

> into especially when you have many-many-many homed machines.
I have a much more extensive firewall script that I use, which locks 
things down much more tightly. I just wanted to get the port forwarding
issue figured out before I lock the sucker down.

Did I thank you yet?  Thanks!!!!!!  I've spent hours trying to figure 
this out, including switching (needlessly) from RH9 to Slackware. I'm so
silly.....

PK



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux