From: varun_saa@vsnl.net
To: netfilter@lists.netfilter.org
Subject: forward command for smtp/pop - not working
Date: Sat, 21 May 2005 15:28:49 +0500
Message-ID: <1bfba181c019fa.1c019fa1bfba18@vsnl.net>

Hello,
     My server is on FC3 (fedora3)
eth0 is WAN ( dynamic IP )
eth1 is LAN

This is a continuation of my most recent post
"smtp/pop and NAT only".

I have set the rules as follows :

# Generated by iptables-save v1.2.11 on Wed May 11 11:06:56 2005
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE
COMMIT
# Completed on Wed May 11 11:06:56 2005
# Generated by iptables-save v1.2.11 on Wed May 11 11:06:56 2005
*mangle
:PREROUTING ACCEPT [93:9058]
:INPUT ACCEPT [85:8650]
:FORWARD ACCEPT [8:408]
:OUTPUT ACCEPT [88:8886]
:POSTROUTING ACCEPT [95:9218]
COMMIT
# Completed on Wed May 11 11:06:56 2005
# Generated by iptables-save v1.2.11 on Wed May 11 11:06:56 2005
*filter
:INPUT ACCEPT [85:8650]
:FORWARD ACCEPT [8:408]
:OUTPUT ACCEPT [87:8810]
-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -s 192.168.0.248 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -s 192.168.0.253 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp --dport 25 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp --dport 110 -j ACCEPT
COMMIT
# Completed on Wed May 11 11:06:56 2005

The clients 192.168.0.248 / 253 are able to browse and
send/receive mails.

But other clients are not able to send/receive mails.

Here are a few things that I did:

From fedora3 server :

[root@fedora3 ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search saice.edu
nameserver 203.145.184.13


[root@fedora3 ~]# telnet 64.233.185.27 25
Trying 64.233.185.27...
Connected to gsmtp185.google.com (64.233.185.27).
Escape character is '^]'.
220 mx.gmail.com ESMTP g3si533838wra

From non NAT clients :

[root@ ~]# cat /etc/resolv.conf
nameserver 203.145.184.13
                                                                                
# ppp temp entry


[root@ ~]# telnet 64.233.185.27 25
Trying 64.233.185.27...
Connected to 64.233.185.27 (64.233.185.27).
Escape character is '^]'.
220 mx.gmail.com ESMTP 35si1283118wra
quit
221 2.0.0 mx.gmail.com closing connection
Connection closed by foreign host.
[root@ ~]#

I am not able to ping ISP gateway or DNS.

Non NAT clients are not able to send/receive mails.

I don't understand why this FORWARD command
does not work. 

Or have I forgotten something ?

Can't we just use the PREROUTING command for smtp
and pop?

Thanks in advance

Varun
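
Added example, not part of the original post: a small Python evaluator that walks the posted FORWARD chain for outbound packets from a LAN client that is not one of the two listed addresses. The client address 192.168.0.10 is constructed, the helper names are hypothetical, and only the match options used in these rules are modelled.

```python
import ipaddress
import shlex

# FORWARD rules copied from the post. Assumption: "-P FORWARD DROP" takes
# effect, so a packet that matches no rule is dropped.
POLICY = "DROP"
FORWARD_RULES = """\
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -s 192.168.0.248 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -s 192.168.0.253 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp --dport 25 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp --dport 110 -j ACCEPT
"""

def parse_rule(line):
    """Map each option to its argument; every option used here takes one."""
    tokens = shlex.split(line)[2:]  # skip "-A FORWARD"
    return dict(zip(tokens[0::2], tokens[1::2]))

def matches(rule, pkt):
    """True when every match option in the rule agrees with the packet."""
    checks = {
        "-i": lambda v: pkt["in"] == v,
        "-o": lambda v: pkt["out"] == v,
        "-p": lambda v: pkt["proto"] == v,
        "--dport": lambda v: pkt["dport"] == int(v),
        "-s": lambda v: ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(v),
        "--state": lambda v: pkt["state"] in v.split(","),
    }
    return all(checks[k](v) for k, v in rule.items() if k in checks)

def verdict(pkt):
    """First matching rule decides; otherwise the chain policy applies."""
    for line in FORWARD_RULES.splitlines():
        rule = parse_rule(line)
        if matches(rule, pkt):
            return rule["-j"]
    return POLICY

def outbound(src, proto, dport=None, state="NEW"):
    """A LAN-to-WAN packet as the FORWARD chain sees it."""
    return {"in": "eth1", "out": "eth0", "src": src, "proto": proto,
            "dport": dport, "state": state}

if __name__ == "__main__":
    client = "192.168.0.10"  # constructed address, not in the post
    for proto, dport in [("tcp", 25), ("tcp", 110), ("udp", 53), ("icmp", None)]:
        print(client, proto, dport, "->", verdict(outbound(client, proto, dport)))
```

Run as a script, it reports ACCEPT for tcp/25 and tcp/110 and DROP for udp/53 (DNS) and icmp (ping) from the constructed client.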
