| Jim Morrisby on Thu, 6 Apr 2000 02:47:41 +0200 |
| RE: Fwd: GLUG: IP Nat / IP chains |
If required (and security is always required), you could use a permanent
SSH tunnel, which would forward the local port to the remote port, and this
is done transparently.
If you want more info on this, just mail.....
Regards
Jim
-----Original Message-----
From: owner-glug@xxxxxxxxxxxx [mailto:owner-glug@xxxxxxxxxxxx]On Behalf
Of Berend De Schouwer
Sent: 03 April 2000 05:16
To: Jonathan Peers
Cc: Gauteng Linux Users Group
Subject: RE: Fwd: GLUG: IP Nat / IP chains
On 3 Apr, Jonathan Peers wrote:
> What do you think of "IP Filter" and would it also do the below mentioned
> .....
'IP Filter' (concept) won't - it will just allow or deny IP packets.
'IP Filter' (command) doesn't compile on glibc2 last I tried it.
'ipchains' (command) will, because it is an ipfilter/masquerader
combination. I prefer to do as much as possible in user-space. For
masquerading help, try /usr/doc/HOWTO/mini/IP-Masquerade.
> -----Original Message-----
> From: Berend De Schouwer [mailto:bds@xxxxxxxxxxxxx]
> Sent: 03 April 2000 04:19
> To: pgr@xxxxxxxxx
> Cc: Jonathan Peers; Gauteng Linux Users Group
> Subject: Re: Fwd: GLUG: IP Nat / IP chains
>
>
>> Hi all
>>
>> I have a mail server on the inside of an ipchains machine. I can sendmail
>> (25) to it if I set up sendmail to forward mail (on ipchains) to the
>> inside mail server, but how do I pop mail off the inside mail server?
>>
>> What software would I use or how can I get ipchains to tell my port 110
>> request to that legal IP number to collect it off the inside mail server, or
>> if I send mail to that legal number it redirects it to the server on the
>> inside without me having to set up sendmail and mailertables.
>>
>> Thank You
>> Jonathan
>
> I am making the assumption(s):
>
> Machine A              Firewall                  Machine B
> IP 10.0.0.1 <--> IP 10.0.0.2  IP 1.0.0.1 <--> IP 1.0.0.2
>
> Machine A and IP 10.x.y.z, are illegal on the Internet, and are your
> inside machines.
>
> Machine B is on the internet, and you would like machine B to POP from
> machine A.
>
>
> Well, first you could look at tis-fwtk, which comes with a
> port-forwarder. Basically you would add an entry in /etc/inetd.conf of
> the firewall which would look like:
> 110 stream tcp nowait root /usr/sbin/tcpd plug-gw 110
> The firewall would accept incoming requests on 110 (pop), and forward
> them to another pop box. It doesn't even understand POP - just
> forwards the packets. Then you would tell Machine B its POP server is
> the Firewall. This is reasonably simple to set up. You can get
> tis-fwtk from http://www.tis.com/research/software/. You have to e-mail
> them, but it's free and comes with source.
>
>
--
Kind regards,
Berend
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Berend De Schouwer, +27-11-712-1435, UCS
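
The protocol-blind forwarding described in the quoted reply, as an added example that is not part of the original thread and is not tis-fwtk's code: a relay on the firewall that passes port 110 to the inside server, but only for Machine B. The addresses come from the diagram in the thread; the function names and the source allowlist are assumptions of this example.

```python
import socket
import threading

# Assumed values from the thread's diagram; function names are hypothetical.
ALLOWED_CLIENTS = {"1.0.0.2"}   # Machine B, the only host meant to POP
BACKEND = ("10.0.0.1", 110)     # Machine A, the inside POP server

def pump(src, dst):
    """Copy bytes one way until EOF, then half-close the destination."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def relay(client, upstream):
    """Forward bytes both ways without parsing them, like a plug proxy."""
    back = threading.Thread(target=pump, args=(upstream, client), daemon=True)
    back.start()
    pump(client, upstream)
    back.join()
    client.close()
    upstream.close()

def handle(client, peer_ip, backend=BACKEND, allowed=ALLOWED_CLIENTS):
    """Relay one connection only if its source address is allowed."""
    if peer_ip not in allowed:
        client.close()          # dropped before the inside server is contacted
        return False
    try:
        upstream = socket.create_connection(backend, timeout=10)
    except OSError:
        client.close()
        return False
    upstream.settimeout(None)
    relay(client, upstream)
    return True

def serve(listen=("1.0.0.1", 110)):
    """Accept loop bound to the firewall's outside address."""
    with socket.create_server(listen) as srv:
        while True:
            client, (ip, _port) = srv.accept()
            threading.Thread(target=handle, args=(client, ip), daemon=True).start()

if __name__ == "__main__":
    serve()
```

The relay copies the POP login exactly as the client sent it, so the source check limits who can reach the inside server but does not protect the password in transit.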