On Tue, 18 Jan 2005 at 20:23, Jason Opperisano wrote:
> On Tue, Jan 18, 2005 at 04:58:58PM -0300, Pablo Allietti wrote:
> > hi people.
> >
> >
> > i have a question..
> >
> > my net is
> >
> >
> > |200.40.228.64/28
> > |
> > Firewall FC2 (200.40.229.67)
> > | dns midomain.com
> > |
> > |192.168.1.0/24
> > -------------------------------
> > |
> > |
> > |
> > FC2 (pop3) 192.168.1.6
> >
> >
> > i need to check mail in midomain.com but the pop3 server and mail server
> > is in 192.168.1.8
> >
> > is that correct to check and send mail?
> >
> > iptables -A FORWARD -i eth1 -o eth0 -p tcp -s 0/0 -d 192.168.1.6 --dport 110 -j ACCEPT
> > iptables -A FORWARD -i eth1 -o eth0 -p tcp -s 0/0 -d 192.168.1.6 --dport 25 -j ACCEPT
>
> those are correct for your filter rules. do you already have the NAT
> setup for this as well?
>
> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 110 \
>   -j DNAT --to-destination 192.168.1.6
>
> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 25 \
>   -j DNAT --to-destination 192.168.1.6
>
> -j
>
> --
> "This has purple stuff inside - purple is a fruit."
> --The Simpsons

And of course also the RELATED and ESTABLISHED rules, or the rules
for the traffic going out of the machines.

--
Jose Maria Lopez Hernandez
Technical Director, bgSEC
jkerouac@xxxxxxxxx
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
SPAIN

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
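Added example, not part of the original messages: a shell function that prints, without applying, the three kinds of rule named in the thread (the DNAT rule, the FORWARD rule for new connections, and the RELATED,ESTABLISHED rule for return traffic). The interface roles (eth1 external, eth0 internal), the server address and the ports come from the thread's rules; the `conntrack` match, the function names and the input validation are this example's own choices.

```shell
#!/bin/sh
# Added example: prints (does not apply) the iptables commands for the
# forward discussed in the thread. Assumed from the thread's rules:
# eth1 = external side, eth0 = internal side, 192.168.1.6 = mail host.

valid_if() {   # interface name: letters, digits, "_", ".", "-" only
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
}

valid_port() { # decimal 1..65535
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() { # dotted quad, each octet 0..255
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules EXT_IF INT_IF SERVER_IP PORT...
gen_rules() {
    [ $# -ge 4 ] || { echo "usage: gen_rules EXT_IF INT_IF SERVER_IP PORT..." >&2; return 2; }
    ext=$1; int=$2; srv=$3; shift 3
    valid_if "$ext" && valid_if "$int" || { echo "bad interface" >&2; return 2; }
    valid_ipv4 "$srv" || { echo "bad server address: $srv" >&2; return 2; }
    for p in "$@"; do
        valid_port "$p" || { echo "bad port: $p" >&2; return 2; }
    done
    # Return traffic for tracked connections, in either direction.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for p in "$@"; do
        # Rewrite the destination before routing, then allow the new connection.
        echo "iptables -t nat -A PREROUTING -i $ext -p tcp --dport $p -j DNAT --to-destination $srv"
        echo "iptables -A FORWARD -i $ext -o $int -p tcp -d $srv --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
}

# Values from the thread: POP3 (110) and SMTP (25) to 192.168.1.6.
gen_rules eth1 eth0 192.168.1.6 110 25
```

Because the DNAT rule runs in PREROUTING, the FORWARD rule matches on the rewritten destination (the internal server address), which is why both rule sets name 192.168.1.6.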