Hello Michael, > Would be interesting to see the network traffic on the external > interface. Without that, you can't tell much .. Why? What can I do to see this and how to interpret it? Michael Bergbauer wrote:
On Mon Apr 28, 2003 at 10:2742PM -0500, Hanasaki JiJi wrote:There is a firewall with two NICs and the below rule to allow an internal host to connect out to smtp servers on the internet. Some hosts have a connection timeout on a connect from $INTERNAL_IP_OF_SMTP yet connect from the firewall just fine. iptables -t nat -A POSTROUTING -p tcp -o $NIC_EXTERNAL \ --dport 25 -s $INTERNAL_IP_OF_SMTP -j MASQUERADE
-- ================================================================= = Management is doing things right; leadership is doing the = = right things. - Peter Drucker = =_______________________________________________________________= = http://www.sun.com/service/sunps/jdc/javacenter.pdf = = www.sun.com | www.javasoft.com | http://wwws.sun.com/sunone = =================================================================