From: Juan Hernandez <alucard@kanux.com>
To: Rob Sterenborg <rob@sterenborg.info>,
Lista de netfilter <netfilter@lists.netfilter.org>
Subject: RE: port forwarding in a web server
Date: 24 Nov 2003 13:56:20 -0400 [thread overview]
Message-ID: <1069696580.1083.27.camel@webmail.aeropostal.com.ve> (raw)
In-Reply-To: <20031124171108.6D4DC8047@sterenborg.info>
Thank you so much pal...
Now its working
Juan :D
On Mon, 2003-11-24 at 13:11, Rob Sterenborg wrote:
> > simple. Here's my scenario: I have a static IP address routed
> > (1.1.1.1)
> > to one server using a 192.168.0.* address. Is a cisco router and
> > everything works fine. This server has 192.168.0.1 as it's address and
>
> So I can assume that *ALL* traffic is routed from 1.1.1.1 to 192.168.0.1,
> which has Netfilter running ?
>
> > functions as a web server, everything works fine but, I have another
> > server that works as our mail server that is using 192.168.0.2. I've
> > been trying to redirect everything coming from port 25 to my
> > mail server
> > but it doesn't get any answer. These are the rules I've been using:
>
> echo 0 > /proc/sys/net/ipv4/ip_forward
> iptables -P FORWARD DROP
> iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> iptables -A FORWARD -d 192.168.0.2 -p tcp --dport 25 -j ACCEPT
> iptables -t nat -A PREROUTING -d 192.168.0.1 -p tcp --dport 25 \
> -j DNAT --to-destination 192.168.0.2:25
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
> If you're forwarding anything else than just smtp, you have to add rules to
> allow it : these rules DROP all traffic to be forwarded except smtp which is
> DNAT-ed to the MTA and RELATED/ESTABLISHED traffic.
>
>
> Gr,
> Rob
>
>
next prev parent reply other threads:[~2003-11-24 17:56 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-11-24 16:13 port forwarding in a web server Juan Hernandez
2003-11-24 17:11 ` Rob Sterenborg
2003-11-24 17:47 ` Juan Hernandez
2003-11-24 17:56 ` Juan Hernandez [this message]
2003-11-24 17:20 ` Jeffrey Laramie
-- strict thread matches above, loose matches on Subject: below --
2003-11-24 16:05 Juan Hernandez
2003-11-26 15:24 ` Aldo S. Lagana
2003-11-26 15:52 ` Juan Hernandez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1069696580.1083.27.camel@webmail.aeropostal.com.ve \
--to=alucard@kanux.com \
--cc=netfilter@lists.netfilter.org \
--cc=rob@sterenborg.info \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.