Re: ipfw and mail
From: Gustavo A. Baratto (gbaratto_at_superb.net)
Date: 06/25/04
- Previous message: Len Conrad: "Re: ipfw and mail"
- In reply to: Ondra Holecek: "Re: ipfw and mail"
- Next in thread: James Housley: "Re: ipfw and mail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 25 Jun 2004 11:56:07 -0700 To: freebsd-isp@freebsd.org
yes, sorry my bad... I put that after a deny...
it works like a charm
Thank you very much!!
----- Original Message -----
From: "Ondra Holecek" <bln@bln.no-ip.org>
To: "Gustavo A. Baratto" <gbaratto@superb.net>; <freebsd-isp@freebsd.org>
Sent: Friday, June 25, 2004 11:30 AM
Subject: Re: ipfw and mail
> On Friday 25 June 2004 20:21, Gustavo A. Baratto wrote:
> > Thank you very much... but I think it doesnt work :(
> >
> > umail7# ipfw delete 200
> > umail7# ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state
> > 01400 fwd 127.0.0.1,25 tcp from any to me dst-port 2525 keep-state
>
> for me it is working.. does this rule really have number 1400? It is
important
> to have it before any other matching rule
>
> if you have rule
> 0400 60 4530 deny log ip from any to any
>
> you are always blocked at 400 and never go to 1400
>
> > umail7# telnet 207.228.225.128 2525
> > Trying 207.228.225.128...
> > telnet: connect to address 207.228.225.128: Connection refused
> > telnet: Unable to connect to remote host
> >
> > I tried the IP as well, instead of localhost... it doesnt work.
> >
> > look the telnet response from port 25:
> > -bash-2.05b$ telnet 207.228.225.128 25
> > Trying 207.228.225.128...
> > Connected to smtp3.superb.net.
> > Escape character is '^]'.
> > 220 smtp3.superb.net ESMTP
> >
> > thanks :)
> >
> > ----- Original Message -----
> > From: "Ondra Holecek" <bln@bln.no-ip.org>
> > To: <freebsd-isp@freebsd.org>
> > Sent: Friday, June 25, 2004 11:10 AM
> > Subject: Re: ipfw and mail
> >
> > > On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote:
> > > > Hello guys,
> > > >
> > > > some of our users' ISPs don't allow them to use port 25, so they
cannot
> >
> > use
> >
> > > > out mail server.
> > > >
> > > > I want to open a new port (2525) and forward all packets from 2525
to
> > > > 25 so, they can use mail.
> > > >
> > > > I tried this in IPFW:
> > > > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state
> > > > 0200 0 0 divert 25 ip from any to me dst-port 2525
> >
> > keep-state
> >
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > this line does something other
> > > try to use this:
> > > ipfw delete 200
> > > ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state
> > >
> > > > 0300 103075 35531648 allow ip from me to any keep-state
> > > > 0400 60 4530 deny log ip from any to any
> > > >
> > > >
> > > > If I telnet directly to port 25, I can get the prompt, but if I
telnet
> >
> > to
> >
> > > > port 2525, I get a connection refused.
> > > >
> > > > What should I do in ipfw to forward port 2525 to port 25
tranparently?
> > > >
> > > > Thanks
> > > > _______________________________________________
> > > > freebsd-isp@freebsd.org mailing list
> > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> > > > To unsubscribe, send any mail to
"freebsd-isp-unsubscribe@freebsd.org"
> > >
> > > _______________________________________________
> > > freebsd-isp@freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
> >
> > _______________________________________________
> > freebsd-isp@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
>
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
>
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
- Previous message: Len Conrad: "Re: ipfw and mail"
- In reply to: Ondra Holecek: "Re: ipfw and mail"
- Next in thread: James Housley: "Re: ipfw and mail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
