[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

ipfwadm and mail.......

Subject: ipfwadm and mail.......
From: manoj rajendran <manojrajendran@xxxxxxx>
Date: 20 Jul 99 05:49:40 MDT

hello guys,
i have RH 5.2 running for pop3(qpopper3.0b),smtp(sendmail 8.8.7)and DNS
services. I wanted to configure the same m/c as firewall for our LAN and =
it
has got two ethernet interfaces (eth0,eth1).One for the Private network w=
ith
ip 192.168.1.1 and the other for the external one with an ip 203.129.249.=
170.
I have a dedicated(leased) line .
i installed ipfwadm with rules like =


### For the out going ##### =

  ipfwadm -O -a accept -P tcp \
          -S $ISP_IP $HIGHPORT \
          -D $ALLIP pop3 smtp ftp ftp-data www telnet domain =

###For incoming requests  =

  ipfwadm -I -a accept -P tcp \
          -S $ALLIP  \
          -D $ISP_IP pop3 smtp ftp ftp-data www telnet domain     =


### Allow return packets ###
  ipfwadm -I -a accept -k -P tcp \
          -S $ALLIP pop3 smtp ftp ftp-data www telnet domain \  =

          -D $ISP_IP $HIGHPORT =

### IP masquerading ##
   ipfwadm -F -a masquerade -S $PRIV_NET -D 0.0.0.0/0 =


  where ISP_IP =3D>203.129.249.170 (our public address)
        ALLIP =3D> 0.0.0.0
        HIGHPORT =3D> 1024:65535
        PRIV_NET =3D> 192.168.1.1

Now the problem is that even though i can browse(www) ftp or telnet anywh=
ere
from my private network, i am not able to send any mails out ! the mails
return undelivered(i have given the 192.168.1.1 as the outgoing as well a=
s
pop3 server on clients--'outlook') but the internal mailing works !Even t=
he
fetchmail gives 'smtp transaction error' =

is it sendmail configuration problem ?? sendmail and fetchmail used to wo=
rk
fine before ipfwadm. I think ipfwadm is not allowing sendmail to read fro=
m
port 25(?)  =

Hope i have managed to state my problem correctly.
please advice me how to overcome this .

Thanks a lot ,
Manoj


____________________________________________________________________
Get free e-mail and a permanent address at http://www.netaddress.com/?N=3D=
1

- --------------------------------------------------------------------
For more information on Linux in India visit http://www.linux-india.org/
The Linux India mailing list does not accept postings in HTML format.

------------------------------

Prev by Subject: IP range in DNS
Next by Subject: Re: ipfwadm and mail.......
Previous by thread: Re: Telnet
Next by thread: Re: ipfwadm and mail.......
Index(es):
- Subject
- Thread