Re: Redirecting (is that the word)?

To: "Ricardo Pardini" <ricardo@piniweb.com>, <debian-firewall@lists.debian.org>
Subject: Re: Redirecting (is that the word)?
From: "Robert Davies" <Rob_Davies@NTLWorld.Com>
Date: Sun, 8 Oct 2000 22:20:53 +0100
Message-id: <[🔎] 001701c0316d$b7da30a0$010a0a0a@oak>
References: <[🔎] GBEBLDAMONCINAHDPCLAKEGGCAAA.ricardo@piniweb.com>

> Hi folks, I've been reading the Debian firewall list for some time now,
and
> also read all the howto's I could find. But I stil can't figure out how to
> do this: I have an internal network, 172.22.4.0-255, and a firewall with a
> visible, real IP. Can I somehow redirect all connections to the firewall's
> IP number, port 25 to one of my internal machines (without a visible IP)?
> Anybody ever played with Ericsson's Load Balancing "Eddie"? Any tips for
> firewalls with that?

Yes, take a look at ipmasqadm.  There's a deb for it.
Use mfw rule on the -y connection for the incoming port 25 connection.
Have masquerading enabled for port 25 from the internal machine.
Use ipmasqadm to set up the port forwarding.

There's reasonable docs out on the www for ipmasqadm.
If you followed a discussion on port forwarding imap2 to M$ Exchange, you'll
see how to do it, I posted a script yesterday.

Caution: SMTP hasn't been historically the safest protocol, sendmail and
others have often had problems.  You might like to have a cordon around the
SMTP internal host you use, as if it is penetrated, the consquences could be
even more serious than if it were outside the firewall.  Agreed it'll be
harder for a penetration to succeed, depending on your firwall rules.

Rob

Reply to:

References:
- Redirecting (is that the word)?
  - From: "Ricardo Pardini" <ricardo@piniweb.com>

Prev by Date: Redirecting (is that the word)?
Next by Date: NTP secure
Previous by thread: Redirecting (is that the word)?
Next by thread: NTP secure
Index(es):
- Date
- Thread