I'm having a problem viewing logs on forwarded ports from the firewall to another server. I forwarded mail (port 25) from the firewall to an internal server. The problem is when I try to view the logs it just shows the firewall IP as the sender and not the original sender.

--
Regards,
Mark Quitoriano, CCNA
http://www.atamanetworks.com

On Thu, 2005-05-19 at 21:08 +0800, Mark Quitoriano wrote:
> i'm having a problem viewing logs on forwarded ports from the firewall
> to another server, i forwarded mail(port 25) from the firewall to an
> internal server. The problem is when i try to view the logs it just
> shows the firewall ip as the sender and not the original sender.

In reality, the firewall may be making the connection to the internal server... and not the external machine. Especially if the internal server is on a 192.168.x.x or 10.x.x.x network and you are connecting via NAT. If that is the case, the external machine is connecting to the firewall and the firewall is connecting to the internal server.

If you're doing true port forwarding, the internal server should see the IP address of the external machine in its logs. This is how my machines that do this log. I use this type of entry in iptables:

    iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth1 -j DNAT --to 10.198.0.17

P.

Johnny Hughes wrote:
>On Thu, 2005-05-19 at 21:08 +0800, Mark Quitoriano wrote:
>
>>i'm having a problem viewing logs on forwarded ports from the firewall
>>to another server, i forwarded mail(port 25) from the firewall to an
>>internal server. The problem is when i try to view the logs it just
>>shows the firewall ip as the sender and not the original sender.
>
>In reality, the firewall may be making the connection to the internal
>server... and not the external machine. Especially if the internal
>server is on a 192.168.x.x or 10.x.x.x network and you are connecting
>via NAT. If that is the case, the external machine is connecting to the
>firewall and the firewall is connecting to the internal server.
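
An added example, not part of the original thread: a check over `iptables-save` output that reports nat-table POSTROUTING rules which would rewrite the source address of DNAT-forwarded connections, so the internal server logs the firewall's IP. The LAN interface name `eth0` and both sample rulesets are constructed assumptions; `eth1` and 10.198.0.17 are reused from the rule quoted above.

```shell
#!/bin/sh
# Constructed sample rulesets in iptables-save format (not taken from the thread).
ruleset_rewrites_source() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.198.0.17
-A POSTROUTING -o eth1 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
EOF
}

ruleset_keeps_source() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.198.0.17
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
EOF
}

# audit_nat LAN_IF: reads iptables-save output on stdin and prints every
# POSTROUTING SNAT/MASQUERADE rule that applies to traffic leaving via LAN_IF
# (or via any interface). Prints nothing if no DNAT rule exists.
# Limitation: negated matches ("! -o ...") are not interpreted.
audit_nat() {
    awk -v lan="$1" '
    /^\*/ { table = $1 }                      # table header: *nat, *filter, ...
    table != "*nat" || $1 != "-A" { next }    # only rule lines of the nat table
    {
        out = ""; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-o") out = $(i + 1)    # outgoing interface match
            if ($i == "-j") target = $(i + 1) # rule target
        }
    }
    $2 == "PREROUTING" && target == "DNAT" { dnat = 1 }
    $2 == "POSTROUTING" && (out == "" || out == lan) &&
        (target == "MASQUERADE" || target == "SNAT") {
        finding[++n] = "source-rewrite: " $0
    }
    END { if (dnat) for (i = 1; i <= n; i++) print finding[i] }
    '
}

echo "ruleset 1:"; ruleset_rewrites_source | audit_nat eth0
echo "ruleset 2:"; ruleset_keeps_source | audit_nat eth0
```

On a live firewall the same function can be fed with `iptables-save | audit_nat eth0`; a user-space relay or proxy on the firewall would not show up in this check.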