| Jonathan Peers on Mon, 3 Apr 2000 16:30:43 +0200 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| RE: Fwd: GLUG: IP Nat / IP chains |
What do you think of "IP Filter" and would it also do the below mentioned
.....
-----Original Message-----
From: Berend De Schouwer [mailto:bds@xxxxxxxxxxxxx]
Sent: 03 April 2000 04:19
To: pgr@xxxxxxxxx
Cc: Jonathan Peers; Gauteng Linux Users Group
Subject: Re: Fwd: GLUG: IP Nat / IP chains
> Hi all
>
> I have a mail server on the inside of an ipchains machine. I can sendmail
> (25) to it if I setup up sendmail to forward mail (on ipchains) to the
> inside mail server, but how do I pop mail off the inside mail server.
>
> What software would I use or how can I get ipchains to tell my port 110
> request to that legal IP number to collect it of the inside mail server,
or
> if I send mail to that legal number it redirect it to the server on the
> inside without me having to setup sendmail and mailertables.
>
> Thank You
> Jonathan
I am making the assumption(s):
Machine A Firewall Machine B
IP 10.0.0.1 <--> IP 10.0.0.2 IP 1.0.0.1 <--> IP 1.0.0.2
Machine A and Ip 10.x.y.z, are illegal on the Internet, and are your
inside machines.
Machine B is on the internet, and you would like machine B to POP from
machine A.
Well, first you could look at tis-fwtk, which comes with a
port-forwarder. Basically you would add an entry in /etc/inetd.conf of
the firewall which would look like:
110 stream tcp nowait root /usr/sbin/tcpd plug-gw 110
The firewall would accept incoming requests on 110 (pop), and forward
them to another pop box. It doesn't even understand POP - just
forwards the packets. Then you would tell Machine B its POP server is
the Firewall. This is reasonably simple to set up. You can get
tis-fwtk from http://www.tis.com/research/software/. You have to e-mail
them, but its free and comes with source.
--
Kind regards,
Berend
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Berend De Schouwer, +27-11-712-1435, UCS