Re: port forward to MS Exchange IMAP
On Sat, Oct 07, 2000 at 06:12:01AM -0500, Christopher L. Everett wrote:
> All:
>
> I'm trying to open a hole in my firewall so that a
> user can pick up his IMAP email (actually the owner).
>
> I'm trying to use ipmasqadm mfw to do the job like this:
>
> # ipchains -A input -p tcp -y -d 208.145.27.210/32 143 -m 1
> # ipchains -A input -p tcp -s 0/0 -d 208.145.27.210/32 143 -j ACCEPT
> # ipchains -A input ! -y -p tcp -s 0/0 -d 208.145.27.210/32 -j ACCEPT
> <other stuff snipped>
> # ipchains -P input DENY
>
Maybe, I'm missing something but shouldn't you also mark (-m 1) packets
without the SYN flag set, else only connection initiation will be forwarded
inside. E.g.:
ipchains -A input -p tcp -d 208.145.27.210/32 143 -m 1
Julien
Reply to: