From owner-freebsd-questions Mon Nov 20 13: 7:40 2000 Delivered-To: freebsd-questions@freebsd.org Received: from lf.twelvehorses.com (unknown [193.120.151.245]) by hub.freebsd.org (Postfix) with ESMTP id 4378337B4CF for ; Mon, 20 Nov 2000 13:07:36 -0800 (PST) Received: from blackwidow.twelvehorses.com (host-0-200.twelvehorses.int [192.168.0.200] (may be forged)) by lf.twelvehorses.com (8.11.0/8.11.0) with ESMTP id eAKL54e05587; Mon, 20 Nov 2000 21:05:04 GMT (envelope-from daniel.podolsky@twelvehorses.com) Received: by BlackWidow.twelvehorses.int with Internet Mail Service (5.5.2650.21) id ; Mon, 20 Nov 2000 21:02:10 -0000 Message-ID: <856E94D34FF3D311B5FE00508B6B8BD22A34F9@BlackWidow.twelvehorses.int> From: Daniel Podolsky To: "'Hamilton Hoover'" , Nick Rogness Cc: freebsd-questions@FreeBSD.ORG Subject: RE: dual homed gateway system running ipfw and nat. need rules he lp. Date: Mon, 20 Nov 2000 21:02:09 -0000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, >>>${fwcmd} pass tcp from any 25 to 192.x.x.x Will not work because nobody in internet know how to reach your private addresses. As far as I can understand you have a mail server inside and you would like incoming mail to be delivered to this server. Is it quite? Also you would like to use your qmail inside as a outgoing server for your mail clients. Is it quite? The simple and finest solution is to configure your gateway as a mail relay. Gateway should receive you mail and forward it to your inside server. Also gateway should receive mails from inside and relay it to Internet. Use "mailertable" feature for sendmail or "smtproutes" for qmail. Do not forget to allow corresponding traffic in a IPFW. something like allow tcp from any to 25 allow tcp from to any 25 Please do nor hesitate to ask again if something unclear. Also you can comfigure your gateway for divetr incoming packets to port 25 to you inside mail server but it is more sophisticated... With best reagrds, Daniel Podolsky To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message