forward command for smtp/pop - not working

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,
     My server is on FC3 (fedora3)
eth0 is WAN ( dynamic IP )
eth1 is LAN

This a continuation of my most recent post 
" smtp/pop and NAT only " .

I have set the rules as follows :

# Generated by iptables-save v1.2.11 on Wed May 11 11:06:56 2005
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE
COMMIT
# Completed on Wed May 11 11:06:56 2005
# Generated by iptables-save v1.2.11 on Wed May 11 11:06:56 2005
*mangle
:PREROUTING ACCEPT [93:9058]
:INPUT ACCEPT [85:8650]
:FORWARD ACCEPT [8:408]
:OUTPUT ACCEPT [88:8886]
:POSTROUTING ACCEPT [95:9218]
COMMIT
# Completed on Wed May 11 11:06:56 2005
# Generated by iptables-save v1.2.11 on Wed May 11 11:06:56 2005
*filter
:INPUT ACCEPT [85:8650]
:FORWARD ACCEPT [8:408]
:OUTPUT ACCEPT [87:8810]
-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -s 192.168.0.248 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -s 192.168.0.253 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp --dport 25 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp --dport 110 -j ACCEPT
COMMIT
# Completed on Wed May 11 11:06:56 2005

The clients 192.168.0.248 / 253 are able browse and
send/recieve mails.

But other clients are not able to send/recieve mails.

Here are fews things that I did:

>From fedora3 server :

[root@fedora3 ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search saice.edu
nameserver 203.145.184.13


[root@fedora3 ~]# telnet 64.233.185.27 25
Trying 64.233.185.27...
Connected to gsmtp185.google.com (64.233.185.27).
Escape character is '^]'.
220 mx.gmail.com ESMTP g3si533838wra

>From non NAT clients :

[root@ ~]# cat /etc/resolv.conf
nameserver 203.145.184.13
                                                                                
# ppp temp entry


[root@ ~]# telnet 64.233.185.27 25
Trying 64.233.185.27...
Connected to 64.233.185.27 (64.233.185.27).
Escape character is '^]'.
220 mx.gmail.com ESMTP 35si1283118wra
quit
221 2.0.0 mx.gmail.com closing connection
Connection closed by foreign host.
[root@ ~]#

I am not able to ping ISP gateway or DNS.

Non NAT are not able send/recieve mails.

I don't understand why this FORWARD command
does not work. 

Or have I forgotten something ?

Can't we just use PREROUTING command for smtp
and pop.

Thanks in advance

Varun
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux