Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: kawlyn on December 06, 2000, 07:24:12 PM

Title: ipchains, portforwarding, MS Exchange and other ev
Post by: kawlyn on December 06, 2000, 07:24:12 PM

hey,
I'm stuck. Here is the deal. I've got a e-smith box holding up an ADSL line on it's external NIC. It's internal NIC is on a cross overcable to an NT boxen running Small Buisness Server yes it sucks but it's cheap). The NT box the has an internal NIC servicing the LAN with Proxy Server, etc.... (note Proxy Server will not work with residental ADSL)

anyhoo the linux box is masqing the inter lan (the nt box) and port forwarding the mail, this works, and we can send and recieve mail throught exchange. However the web (port 80) is not forwarding. Here's the lowdown.

ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward DENY

ipchains -A forward -j MASQ

ipmasqadm portfw -a -P tcp -L $EXTERNAL 80 -R $INTERNAL 80
ipmasqadm portfw -a -P tcp -L $EXTERNAL 25 -R $INTERNAL 25


I know that's not much of a firewall I just want to get it working and then I'll tighnen it up.

As I said the masqing and the mail work fin but I can't get to the internal web sever.

Any suggestions would be appreciated.

PS I know ipmasqadm isn't installed in e-smith (a serious omission IMHO) I installed it myself


Colin

Title: RE: ipchains, portforwarding, MS Exchange and othe
Post by: Charlie Brady on December 06, 2000, 08:51:48 PM

kawlyn wrote:

> anyhoo the linux box is masqing the inter lan (the nt box) and
> port forwarding the mail, this works, and we can send and
> recieve mail throught exchange. However the web (port 80) is
> not forwarding.

I'd suggest that you ask your questions on the Advanced Forum - that's the place set aside for discussion of customization.

Regards

Charlie

Title: RE: ipchains, portforwarding, MS Exchange and othe
Post by: kawlyn on December 06, 2000, 09:20:22 PM

hmmmm, you're probably right.

Thanks

Title: RE: ipchains, portforwarding, MS Exchange and othe
Post by: Benny Lonnborn on December 13, 2000, 02:18:27 PM

Go to http://www.pointman.org/ and install the pmfirewall, it will give you all the different options for installation and you can add rules after wards, if you need to.  A very good product that I am using with standard Redhat installations and with e-emith.

Title: Re: ipchains, portforwarding, MS Exchange and other ev
Post by: hanscees on December 24, 2000, 09:45:02 PM

do you have your port 80 on e-smith free for forwarding?. I suggest you put apache on posrt 81 and then try forwarding. Also you can try the newest trinity rules. You can find them at my site
www.hanscees.com under linux esmith

hc