
Re: ipfwadm and mail.......



I would suggest that you have something wrong on the DNS and your Cw entries
are incorrect. I would suggest that you get TIS FWTK; I have no experience
with ipfwadm, but with TIS yes indeed, I use exactly the same config here.
Try to check the config of DNS first (i.e. see if it has an MX record), then
do the following: telnet mymachine 25 (from the external world). I would
suggest you use a split DNS (one in the internal network and one in the
external network). Do let me know if you have this solved. Also try to see
what happens when you go from the external world to do telnet
203.129.249.170 25
Also, have you enabled telnet for the world on your system??

(vishal@ferrari:/home/vishal > telnet 203.129.249.170
Trying 203.129.249.170...
Connected to 203.129.249.170.
Escape character is '^]'
Red Hat Linux release 5.2 (Apollo)
Kernel 2.0.36 on an i686
login: r.

This is DANGEROUS !!!!!!!!!!!!

I would suggest
a) Remove the IPFWADM - get TIS fwtk
b) check your sendmail from the external world
c) if all works get the fwtk (I cannot give it across though it is freeware,
but you need to download it on your own)
d) let me know if things work

Cheers
Vishal

==============================================
email: vkhanna@xxxxxxxxxxxxxxxxxxx
==============================================
"-  F E W  A R E  E Q U I P P E D   T O  D I V E  D E E P -"

-----Original Message-----
From: manoj rajendran <manojrajendran@xxxxxxx>
To: linux-india@xxxxxxxxx <linux-india@xxxxxxxxx>
Date: Wednesday, July 21, 1999 10:53 AM
Subject: ipfwadm and mail.......


>hello guys,
>i have RH 5.2 running for pop3(qpopper3.0b),smtp(sendmail 8.8.7)and DNS
>services. I wanted to configure the same m/c as firewall for our LAN and it
>has got two ethernet interfaces (eth0,eth1).One for the Private network with
>ip 192.168.1.1 and the other for the external one with an ip 203.129.249.170.
>I have a dedicated(leased) line .
>i installed ipfwadm with rules like
>
>### For the out going #####
>  ipfwadm -O -a accept -P tcp \
>          -S $ISP_IP $HIGHPORT \
>          -D $ALLIP pop3 smtp ftp ftp-data www telnet domain
>###For incoming requests
>  ipfwadm -I -a accept -P tcp \
>          -S $ALLIP  \
>          -D $ISP_IP pop3 smtp ftp ftp-data www telnet domain
>
>### Allow return packets ###
>  ipfwadm -I -a accept -k -P tcp \
>          -S $ALLIP pop3 smtp ftp ftp-data www telnet domain \
>          -D $ISP_IP $HIGHPORT
>### IP masquerading ##
>   ipfwadm -F -a masquerade -S $PRIV_NET -D 0.0.0.0/0
>
>  where ISP_IP =>203.129.249.170 (our public address)
>        ALLIP => 0.0.0.0
>        HIGHPORT => 1024:65535
>        PRIV_NET => 192.168.1.1
>
>Now the problem is that even though i can browse(www) ftp or telnet anywhere
>from my private network, i am not able to send any mails out ! the mails
>return undelivered(i have given the 192.168.1.1 as the outgoing as well as
>pop3 server on clients--'outlook') but the internal mailing works !Even the
>fetchmail gives 'smtp transaction error'
>is it sendmail configuration problem ?? sendmail and fetchmail used to work
>fine before ipfwadm. I think ipfwadm is not allowing sendmail to read from
>port 25(?)
>Hope i have managed to state my problem correctly.
>please advise me how to overcome this .
>
>Thanks a lot ,
>Manoj
>
>
>--------------------------------------------------------------------
>For more information on Linux in India visit http://www.linux-india.org/
>The Linux India mailing list does not accept postings in HTML format.
>
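The telnet login banner shown in the reply follows from the quoted input rule, which accepts telnet from any source. As an added example (not part of either message), this Python sketch parses the two input-chain rules from the post and lists cleartext-login services open to any source address. The `CLEARTEXT` set, the function names and the any-address default for a missing `-S`/`-D` are assumptions of the example.

```python
import shlex

# Variable values exactly as given in the original post.
VARS = {"ISP_IP": "203.129.249.170", "ALLIP": "0.0.0.0",
        "HIGHPORT": "1024:65535", "PRIV_NET": "192.168.1.1"}
# Assumption of this example: services that carry logins in cleartext.
CLEARTEXT = {"telnet", "ftp", "pop3"}
ANY = {"0.0.0.0", "0.0.0.0/0"}

# Input-chain rules from the post, with the backslash continuations joined.
RULES = """\
ipfwadm -I -a accept -P tcp -S $ALLIP -D $ISP_IP pop3 smtp ftp ftp-data www telnet domain
ipfwadm -I -a accept -k -P tcp -S $ALLIP pop3 smtp ftp ftp-data www telnet domain -D $ISP_IP $HIGHPORT
"""

def parse_rule(line):
    """Split one ipfwadm command into chain, policy, -k flag and -S/-D address+ports."""
    toks = [VARS.get(t[1:], t) if t.startswith("$") else t for t in shlex.split(line)]
    rule = {"chain": None, "policy": None, "ack_only": False,
            "src": ("0.0.0.0/0", []), "dst": ("0.0.0.0/0", [])}  # assumed default: any
    i = 1  # toks[0] is the command name
    while i < len(toks):
        t = toks[i]
        if t in ("-I", "-O", "-F"):
            rule["chain"] = t
        elif t == "-a":
            rule["policy"] = toks[i + 1]; i += 1
        elif t == "-P":
            i += 1  # protocol value is not needed for this check
        elif t == "-k":
            rule["ack_only"] = True  # matches only packets with ACK set (replies)
        elif t in ("-S", "-D"):
            addr, ports, i = toks[i + 1], [], i + 2
            while i < len(toks) and not toks[i].startswith("-"):
                ports.append(toks[i]); i += 1
            rule["src" if t == "-S" else "dst"] = (addr, ports)
            continue
        i += 1
    return rule

def exposed_cleartext(rules_text):
    """Return (dst_addr, service) pairs where new inbound connections from anywhere are accepted."""
    findings = []
    for line in rules_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        r = parse_rule(line)
        if r["chain"] != "-I" or r["policy"] != "accept" or r["ack_only"]:
            continue  # only input rules that admit new connections matter here
        if r["src"][0] in ANY:
            findings += [(r["dst"][0], p) for p in r["dst"][1] if p in CLEARTEXT]
    return findings

if __name__ == "__main__":
    for addr, svc in exposed_cleartext(RULES):
        print(f"{svc} on {addr} accepts connections from any source")
```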

