hi, first i would like to thanks Tom for this amazing & excellent software. WOW, up and running in 10 minutes... This is so easy to use ! I''m having only one problem. I am trying to accept mail going from my dmz to my isp mail server smtp1.sympatico.ca . My mail server relay everything to that server. I''ve put the following line in /etc/rules: ACCEPT dmz net:smtp1.sympatico.ca tcp 25 When i execute "shorewall restart" it get the following error: iptables v1.2.6a: interface name `stmp1.sympatico.ca'' must be shorter than IFNAMSIZ (15) Try `iptables -h'' or ''iptables --help'' for more information. Can i use the hostname of the server i want to connect to in the /etc/rules ? or is it only ip address. I saw on http://www.shorewall.net/myfiles.htm ACCEPT dmz net:$NTPSERVERS udp ntp ACCEPT dmz net:$POPSERVE Using $SERVER, Could that be a way of solving my problem ? Thanks, Jean-Pierre Denis jp at msfree dot ca
--On Saturday, December 07, 2002 09:46:18 PM -0500 Jean-Pierre Denis <jp@msfree.ca> wrote:> hi, > > first i would like to thanks Tom for this amazing & excellent software. > WOW, up and running in 10 minutes... This is so easy to use ! > > I''m having only one problem. > I am trying to accept mail going from my dmz to my isp mail server > smtp1.sympatico.ca . My mail server relay everything to that server. > > I''ve put the following line in /etc/rules: > > ACCEPT dmz net:smtp1.sympatico.ca tcp 25I just restarted my firewall with the following rule in place: ACCEPT dmz net:mail.blarg.net tcp pop3 Which version of Shorewall are you running ("/sbin/shorewall version")? Support for DNS names wasn''t added until 1.3.9 -- I also strongly recommend against using them (see http://shorewall.sf.net/configuration_file_basics.htm under the topic "Using DNS Names"). -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net
<snip>>> first i would like to thanks Tom for this amazing & excellent >> software. WOW, up and running in 10 minutes... This is so easy to >> use>> I''m having only one problem. >> I am trying to accept mail going from my dmz to my isp mail server >> smtp1.sympatico.ca . My mail server relay everything to that server. >> >> I''ve put the following line in /etc/rules: >> >> ACCEPT dmz net:smtp1.sympatico.ca tcp 25 > > I just restarted my firewall with the following rule in place: > > ACCEPT dmz net:mail.blarg.net tcp pop3 > > Which version of Shorewall are you running ("/sbin/shorewall > version")? Support for DNS names wasn''t added until 1.3.9 -- I also > strongly recommend against using them (see > http://shorewall.sf.net/configuration_file_basics.htm under the topic > "Using DNS Names").Thanks tom .. That''s why: rpm -qa shorewall shorewall-1.3.7c-1mdk and thanks for the advice... I don''t really what to be padged at 2am so i will convert everything to ip address. But i''ve always use hostname with iptables and i never had any problem. I''m worried about the server changing his ip address. Thanks, Jean-Pierre Denis jp at msfree dot ca
--On Saturday, December 07, 2002 10:08:47 PM -0500 Jean-Pierre Denis <jp@msfree.ca> wrote:> > But i''ve always use hostname with iptables and i never had any problem. > I''m worried about the server changing his ip address. >And that''s why I offer people the choice of using them -- I just have to make my opinion clear :-) -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net