Shorewall users - Jan 2004 - accept before redirect

Hi!

i have one rule for redirect all output calling to port 110 to pop3 local in
firewall

REDIRECT  lan   110     tcp     pop3    -



what rule need in start file for one ip read pop3 outside the lan ?


RCC

--- Rodrigo Cortes Cano <raprop@koslan.cl> wrote:
> what rule need in start file for one ip read pop3 outside the lan ?
Depending on your setup you can use DNAT or One-to-One NAT?

JBanks

__________________________________
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus

some one say try dnat or one to one rules. But one to one not. I m not use one
IP for this case. If are many case ?

dnat try but all trafic to port 110 are routed for this rules.

i m try the next and work. Is posible other rules ?

in file start
 run_iptables -t nat -I lan_dnat -s 192.168.207.80 -d x.x.x.x -p tcp --dport
pop3 -j RETURN

and in file rules

ACCEPT  lan:192.168.207.80      wan:x.x.x.x  tcp     pop3    -


now when there ip try to connect to x.x.x.x port 110 connect fine and when try
to connect any site with port 110 redirect to local pop3 in the firewall

RCC
> 
> Hi!
> 
> i have one rule for redirect all output calling to port 110 to pop3 local
> in
> firewall
> 
> REDIRECT  lan   110     tcp     pop3    -
> 
> 
> 
> what rule need in start file for one ip read pop3 outside the lan ?
> 
> 
> RCC

On Fri, 16 Jan 2004, Rodrigo Cortes Cano wrote:
> some one say try dnat or one to one rules. But one to one not. I m not use
one
> IP for this case. If are many case ?
>
> dnat try but all trafic to port 110 are routed for this rules.
>
> i m try the next and work. Is posible other rules ?
>
> in file start
>  run_iptables -t nat -I lan_dnat -s 192.168.207.80 -d x.x.x.x -p tcp
--dport
> pop3 -j RETURN
>
> and in file rules
>
> ACCEPT  lan:192.168.207.80      wan:x.x.x.x  tcp     pop3    -
>
>
> now when there ip try to connect to x.x.x.x port 110 connect fine and when
try
> to connect any site with port 110 redirect to local pop3 in the firewall
>
> RCC
>
> >
> > Hi!
> >
> > i have one rule for redirect all output calling to port 110 to pop3
local
> > in
> > firewall
> >
> > REDIRECT  lan   110     tcp     pop3    -
> >
> >
> >
> > what rule need in start file for one ip read pop3 outside the lan ?
> >
> >
I''m sorry -- I can''t understand your question.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net