Re: ipfw and mail

• Previous message: Gustavo A. Baratto: "ipfw and mail"
• In reply to: Gustavo A. Baratto: "ipfw and mail"
• Next in thread: Gustavo A. Baratto: "Re: ipfw and mail"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: freebsd-isp@freebsd.org
Date: Fri, 25 Jun 2004 20:10:30 +0200

On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote:
> Hello guys,
>
> some of our users' ISPs don't allow them to use port 25, so they cannot use
> out mail server.
>
> I want to open a new port (2525) and forward all packets from 2525 to 25
> so, they can use mail.
>
> I tried this in IPFW:
> 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state
> 0200 0 0 divert 25 ip from any to me dst-port 2525 keep-state
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
this line does something other
try to use this:
 ipfw delete 200
 ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state

> 0300 103075 35531648 allow ip from me to any keep-state
> 0400 60 4530 deny log ip from any to any
>
>
> If I telnet directly to port 25, I can get the prompt, but if I telnet to
> port 2525, I get a connection refused.
>
> What should I do in ipfw to forward port 2525 to port 25 tranparently?
>
> Thanks
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

• Previous message: Gustavo A. Baratto: "ipfw and mail"
• In reply to: Gustavo A. Baratto: "ipfw and mail"
• Next in thread: Gustavo A. Baratto: "Re: ipfw and mail"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: ipfw-ntad-jail ... > Ok, so I setup IPFW and NATd on my freeBSD 4.5-RELEASE box, ... > host (dagobah) ... > allow ftp (port 21) ... > add 00600 allow icmp from any to any icmptypes 3 ... (FreeBSD-Security) Re: New IPFW Setup. ... > Here is the ruleset I currently use on all the servers. ... Please don't mail freebsd-ipfw with questions about ipfw usage. ... This way any service loaded in a non-privileged port ... for FTP to work. ... (freebsd-questions) Re: Do you know any open source software which can so these security protection? ... A TCP/UDP port listenerIt ... Software that allow one to manage the ports to open/close in FreeBSD. ... You need to use standard FreeBSD's ipfw. ... and recompile and install new kernel. ... (FreeBSD-Security) RE: continued IPFW issues... (actually a lack of ability on my part) ... > I'm still having some sort of issues with ipfw rules on my server. ... When a connection is made to port 80 from an external host, ... host for the given action (inbound connections to port 80 in this case). ... (freebsd-questions) RE: ng_netflow: testers are welcome ... ng_netflow never see packets that denied by ipfw before tee rule). ... Ok, THEORETICALLY, the sockaddr of the packet read from a divert socket ... has a 'port number' set to the ipfw rule that caused the diversion. ... (freebsd-isp)