Dear experts,
Quick quotation...
I have a sendmail server behind the shorewall-2.1.7 server. I would like
to do Port forwarding (DNAT) for clients on the internet, who need to
access the mail server.
Please let me know, which way is the most suitable to accomplish this;
using following 2 types of configurations
Setup -
Internet -- > shorewall -- > sendmail
| |
130.252.100.69 Public IP -> 130.252.100.70
Private IP ->
192.168.100.5
Rules file...
#ACTION SOURCE DEST
PROTO DEST SOURCE ORIGINAL
#
PORT PORT(S) DEST
DNAT net:130.252.100.70 loc:192.168.100.5
tcp smtp
OR
Rules file.....
#ACTION SOURCE DEST
PROTO DEST SOURCE ORIGINAL
#
PORT PORT(S) DEST
DNAT net loc:192.168.100.5
tcp smtp
Nat file...
#EXTERNAL INTERFACE INTERNAL ALL INTERFACES
LOCAL
130.252.100.70 eth0:0 192.168.100.5 No
No
Thanks in advance...
- Hirantha
Disclaimer and Confidentiality
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed. If
you have received this email in error please notify the system manager. This
message contains confidential information and is intended only for the
individual named. If you are not the named addressee you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately by e-mail
if you have received this e-mail by mistake and delete this e-mail from your
system. If you are not the intended recipient you are notified that disclosing,
copying, distributing or taking any action in reliance on the contents of this
information is strictly prohibited.
On Tue, 31 Aug 2004 12:37:51 +0600, Hirantha Wijayawardena <hirantha@crescat.com> wrote:> Dear experts, > > Quick quotation... > > I have a sendmail server behind the shorewall-2.1.7 server. I would like > to do Port forwarding (DNAT) for clients on the internet, who need to > access the mail server. > > Please let me know, which way is the most suitable to accomplish this; > using following 2 types of configurations > > Setup - > > Internet -- > shorewall -- > sendmail > > | | > > 130.252.100.69 Public IP -> 130.252.100.70 > > Private IP -> > 192.168.100.5 > > Rules file... > > #ACTION SOURCE DEST > PROTO DEST SOURCE ORIGINAL > > # > PORT PORT(S) DEST > > DNAT net:130.252.100.70 loc:192.168.100.5 > tcp smtpWrong. In this rule, only connections from 130.252.100.70 will be NATed to internal server.> > OR > > Rules file..... > > #ACTION SOURCE DEST > PROTO DEST SOURCE ORIGINAL > > # > PORT PORT(S) DEST > > DNAT net loc:192.168.100.5 > tcp smtpCorrect.> Nat file... > > #EXTERNAL INTERFACE INTERNAL ALL INTERFACES > LOCAL > > 130.252.100.70 eth0:0 192.168.100.5 No > NoGet rid this from nat file. DNAT rule does all the job. -Gilson Soares
Maybe Matching Threads
- SMTP external forward
- Is ProxyARP or NAT entries really neccesary for DNAT to work?
- Samba as a member of the W2K ADS domain using Kerberos
- Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0
- Logging of all connections