ipfw and mail

Ondra Holecek bln at bln.no-ip.org
Fri Jun 25 11:31:22 PDT 2004


On Friday 25 June 2004 20:21, Gustavo A. Baratto wrote:
> Thank you very much... but I think it doesn't work :(
>
> umail7# ipfw delete 200
> umail7# ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state
> 01400 fwd 127.0.0.1,25 tcp from any to me dst-port 2525 keep-state

For me it is working. Does this rule really have number 1400? It is important
to have it before any other matching rule.

If you have the rule
0400     60     4530 deny log ip from any to any

you are always blocked at 400 and never get to 1400.

> umail7# telnet 207.228.225.128 2525
> Trying 207.228.225.128...
> telnet: connect to address 207.228.225.128: Connection refused
> telnet: Unable to connect to remote host
>
> I tried the IP as well, instead of localhost... it doesn't work.
>
> Look at the telnet response from port 25:
> -bash-2.05b$ telnet 207.228.225.128 25
> Trying 207.228.225.128...
> Connected to smtp3.superb.net.
> Escape character is '^]'.
> 220 smtp3.superb.net ESMTP
>
> thanks :)
>
> ----- Original Message -----
> From: "Ondra Holecek" <bln at bln.no-ip.org>
> To: <freebsd-isp at freebsd.org>
> Sent: Friday, June 25, 2004 11:10 AM
> Subject: Re: ipfw and mail
>
> > On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote:
> > > Hello guys,
> > >
> > > some of our users' ISPs don't allow them to use port 25, so they cannot use
> > > our mail server.
> > >
> > > I want to open a new port (2525) and forward all packets from 2525 to
> > > 25 so, they can use mail.
> > >
> > > I tried this in IPFW:
> > > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state
> > > 0200      0        0 divert 25 ip from any to me dst-port 2525 keep-state
>
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > this line does something else
> > try to use this:
> >  ipfw delete 200
> >  ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state
> >
> > > 0300 103075 35531648 allow ip from me to any keep-state
> > > 0400     60     4530 deny log ip from any to any
> > >
> > >
> > > If I telnet directly to port 25, I can get the prompt, but if I telnet to
> > > port 2525, I get a connection refused.
> > >
> > > What should I do in ipfw to forward port 2525 to port 25 transparently?
> > >
> > > Thanks
> > > _______________________________________________
> > > freebsd-isp at freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"



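Added example, not written by either poster: a simplified first-match model of the ruleset quoted in this thread, showing why a fwd rule numbered 1400 is never reached while the deny at 400 comes first, and what changes when it is numbered 200. It assumes only the rule forms quoted above, ignores keep-state, and the zero counters on rule 1400 and the helper names are constructed for illustration.

```python
# Simplified first-match model of ipfw rule evaluation (illustration only).
# It understands just the rule forms quoted in this thread and ignores keep-state.

# Ruleset from the thread in listing layout; the counters on 1400 are constructed.
RULESET = """\
0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state
0300 103075 35531648 allow ip from me to any keep-state
0400     60     4530 deny log ip from any to any
01400     0        0 fwd 127.0.0.1,25 tcp from any to me dst-port 2525 keep-state
"""

def parse_rule(line):
    """Split one listing line into the fields the model needs."""
    tok = line.split()
    num, action, body = int(tok[0]), tok[3], tok[4:]
    target = None
    if action == "fwd":              # fwd carries a target before the protocol
        target, body = body[0], body[1:]
    if body[0] == "log":             # optional logging keyword
        body = body[1:]
    proto, src, dst = body[0], body[2], body[4]   # <proto> from <src> to <dst>
    port = int(body[body.index("dst-port") + 1]) if "dst-port" in body else None
    return {"num": num, "action": action, "target": target,
            "proto": proto, "src": src, "dst": dst, "port": port}

def first_match(rules, dst_port):
    """Return the first rule, in ascending number order, that matches an
    inbound TCP packet from a remote host to this machine on dst_port."""
    for r in sorted(rules, key=lambda r: r["num"]):
        if r["proto"] not in ("ip", "tcp"):
            continue
        if r["src"] != "any" or r["dst"] not in ("any", "me"):
            continue                 # e.g. "from me to any" is outbound only
        if r["port"] not in (None, dst_port):
            continue
        return r
    return None

def renumber(rules, old, new):
    """Return a copy of the ruleset with rule `old` moved to number `new`."""
    return [dict(r, num=new) if r["num"] == old else r for r in rules]

rules = [parse_rule(l) for l in RULESET.splitlines() if l.strip()]

if __name__ == "__main__":
    for label, rs in (("fwd at 1400", rules), ("fwd at 200", renumber(rules, 1400, 200))):
        hit = first_match(rs, 2525)
        print(f"{label}: port 2525 -> rule {hit['num']} ({hit['action']})")
```
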