Re: port forward to MS Exchange IMAP

To: debian-firewall@lists.debian.org
Subject: Re: port forward to MS Exchange IMAP
From: Julien Stern <stern@lri.fr>
Date: Fri, 6 Oct 2000 22:29:05 +0200
Message-id: <[🔎] 20001006222905.B20857@lri.fr>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <[🔎] 39DF0501.77566843@ceverett.com>; from ceverett@ceverett.com on Sat, Oct 07, 2000 at 06:12:01AM -0500
References: <39DEA2FC.61F9D0A@ceverett.com> <20001006200936.17307.qmail@murphy.debian.org> <[🔎] 39DF0501.77566843@ceverett.com>

On Sat, Oct 07, 2000 at 06:12:01AM -0500, Christopher L. Everett wrote:
> All:
> 
> I'm trying to open a hole in my firewall so that a 
> user can pick up his IMAP email (actually the owner).
> 
> I'm trying to use ipmasqadm mfw to do the job like this:
> 
> # ipchains -A input -p tcp -y -d 208.145.27.210/32 143 -m 1
> # ipchains -A input -p tcp -s 0/0 -d 208.145.27.210/32 143 -j ACCEPT
> # ipchains -A input ! -y -p tcp -s 0/0 -d 208.145.27.210/32  -j ACCEPT
> <other stuff snipped>
> # ipchains -P input DENY
>
Maybe, I'm missing something but shouldn't you also mark (-m 1) packets
without the SYN flag set, else only connection initiation will be forwarded
inside. E.g.:
ipchains -A input -p tcp -d 208.145.27.210/32 143 -m 1

Julien

Reply to:

Follow-Ups:
- Re: port forward to MS Exchange IMAP
  - From: "Robert Davies" <Rob_Davies@NTLWorld.Com>

References:
- port forward to MS Exchange IMAP
  - From: "Christopher L. Everett" <ceverett@ceverett.com>

Prev by Date: port forward to MS Exchange IMAP
Next by Date: Re: port forward to MS Exchange IMAP
Previous by thread: port forward to MS Exchange IMAP
Next by thread: Re: port forward to MS Exchange IMAP
Index(es):
- Date
- Thread