- Posts: 5
- Thank you received: 0
ipcop 1.4.10 CUSTOM chain
18 years 7 months ago #13933
by lc4523
ipcop 1.4.10 CUSTOM chain was created by lc4523
Hello everybody i'am new here.... and i need help. pls help :oops:
I install ipcop 1.4.10 with red (eth1), orange (eth2) and green (eth0) interface.
red = public ip (202.57.4.a) 255.255.255.224
orange = private ip (172.16.1.b) 255.255.0.0
green = private ip (192.168.0.c) 255.255.255.0
mx record on dns = 202.57.1.d (the ip given by my internet provider also)
i put mail server in dmz (orange) with ip 172.16.1.e
so i put my private rule at rc.firewall.local , like below
iptables -A CUSTOMINPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.57.1.d --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A CUSTOMOUTPUT -p tcp -s 202.57.1.d --sport 25 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -t nat -A CUSTOMPREROUTING -i eth1 -p tcp -s 0/0 --sport 1024:65535 -d 202.57.1.d --dport 25 -j DNAT --to-destination 172.16.1.e:25
iptables -t nat -A CUSTOMPOSTROUTING -i eth2 -p tcp -s 172.16.1.e --sport 1024:65535 -d 0/0 --dport 25 -j SNAT --to-source 202.57.1.d
then i restart ipcop, but when i type iptables -nL there's only CUSTOMINPUT and CUSTOMOUTPUT rule,.. i dont see my CUSTOMPREROUTING and CUSTOMPOSTROUTING rule
thank you very much in advance
Cahyo
I install ipcop 1.4.10 with red (eth1), orange (eth2) and green (eth0) interface.
red = public ip (202.57.4.a) 255.255.255.224
orange = private ip (172.16.1.b) 255.255.0.0
green = private ip (192.168.0.c) 255.255.255.0
mx record on dns = 202.57.1.d (the ip given by my internet provider also)
i put mail server in dmz (orange) with ip 172.16.1.e
so i put my private rule at rc.firewall.local , like below
iptables -A CUSTOMINPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.57.1.d --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A CUSTOMOUTPUT -p tcp -s 202.57.1.d --sport 25 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -t nat -A CUSTOMPREROUTING -i eth1 -p tcp -s 0/0 --sport 1024:65535 -d 202.57.1.d --dport 25 -j DNAT --to-destination 172.16.1.e:25
iptables -t nat -A CUSTOMPOSTROUTING -i eth2 -p tcp -s 172.16.1.e --sport 1024:65535 -d 0/0 --dport 25 -j SNAT --to-source 202.57.1.d
then i restart ipcop, but when i type iptables -nL there's only CUSTOMINPUT and CUSTOMOUTPUT rule,.. i dont see my CUSTOMPREROUTING and CUSTOMPOSTROUTING rule
thank you very much in advance
Cahyo
18 years 7 months ago #13951
by lc4523
Replied by lc4523 on topic ipcop 1.4.10 CUSTOM chain
thank you for response me.. yes i'am very new in firewall and iptables and thanks again for answer me , ok now i can see all my rules, but when i try to send from yahoo the yahoo said "Sorry, I wasn't able to establish an SMTP connection. (#4.4.1)
I'm not going to try again; this message has been in the queue too
long. " , but if i send to yahoo the message delivered sucessfully.
thanks2 "and sorry for my bad english"
Cahyo :roll:
, ok now i can see all my rules, but when i try to send from yahoo the yahoo said "Sorry, I wasn't able to establish an SMTP connection. (#4.4.1)I'm not going to try again; this message has been in the queue too
long. " , but if i send to yahoo the message delivered sucessfully.
thanks2 "and sorry for my bad english"
Cahyo :roll:
Time to create page: 0.138 seconds