[Firewall] Firewall Digest, Vol 51, Issue 21

Romy Roma bouroy at googlemail.com
Mon Mar 29 12:57:12 CEST 2010


Hi Randy,

Many thanks for your support. I am really desperate; I spent almost all
Saturday and Sunday digging through the configuration.

I am using Debian Lenny and I am pretty sure there is no other firewall
running than the arno.
Of course I also restart the firewall every time with the restart command.

Obviously it is not the only port forwarding I set up with
arno-iptables-firewall; the smtp port is also forwarded to an internal host,
as you can see in this setting, and it works just fine:
> OPEN_TCP="25 143 443"
> NAT_FORWARD_TCP="25,143>10.120.132.6 443>10.120.132.105~8543"

The only difference is that I changed the destination port in the case of
https. The internal host listens on 8543 for https.

Could it be a problem with sessions on established connections (or something
like that)?

In case of port 25 and 143, I did not need to change anything in the
firewall.conf

I can send you both configuration files (custom-rules.conf and firewall.conf)
if it can help you to help me.

I am really under pressure!

Many thanks for your help!

Regards,
Romy


On Mon, Mar 29, 2010 at 12:31 PM, Randy <thejunk.b at gmail.com> wrote:

> On Monday 29 March 2010, firewall-request at rocky.eld.leidenuniv.nl wrote:
> > I put this in my custom-rules:
> >
> > OPEN_TCP="25 143 443"
> > NAT_FORWARD_TCP="25,143>10.120.132.6 443>10.120.132.105~8543"
> >
> > But didn't help.
> >
> > Please help
> >
>
> Romy,
>
> I am pretty sure that this needs to be in the config file.  If you read
> through it carefully you should find the correct place.
>
> Also, for completeness, are you sure that there is not another firewall
> (i.e. on the server or local machine) that needs to be configured too?
>
> What distro are you running?  Debian, Fedora, Slax.  After you make a change
> to the config of arno's you need to restart it.  In most Debian based systems
> you would issue
>
> # /etc/init.d/arno-iptables-firewall restart
> --
> If it ain't broke tweek it
>
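
An added example, not part of the thread and not arno-iptables-firewall's own code: it expands the NAT_FORWARD_TCP value quoted above into the mappings it describes, so they can be compared with `iptables -t nat -L PREROUTING -n` and `iptables -L FORWARD -n` on the gateway. The function names are hypothetical, only the two forms seen in the message are parsed, and the printed rule text is a generic iptables equivalent (an assumption), not the rules the script is known to generate.

```shell
#!/bin/sh
# Expand a NAT_FORWARD_TCP-style value into one line per mapping:
#   "<external port> <internal host> <internal port>"
# Handles only the forms shown in the message:
#   PORT[,PORT...]>HOST      and      PORT[,PORT...]>HOST~DPORT
expand_nat_forward() {
    for entry in $1; do
        case $entry in
            *">"*) ;;
            *) echo "bad entry: $entry" >&2; return 1 ;;
        esac
        ports=${entry%%">"*}
        target=${entry#*">"}
        host=${target%%"~"*}
        case $target in
            *"~"*) dport=${target#*"~"} ;;   # destination port rewritten
            *)     dport= ;;                 # destination port unchanged
        esac
        old_ifs=$IFS; IFS=,
        for p in $ports; do
            echo "$p $host ${dport:-$p}"
        done
        IFS=$old_ifs
    done
}

# For each mapping, print a generic DNAT match and the match a filter
# FORWARD rule needs. DNAT happens in PREROUTING, before the FORWARD chain,
# so FORWARD sees the translated host and port (8543 here, not 443).
show_expected_rules() {
    expand_nat_forward "$1" | while read -r ext host dport; do
        echo "nat: -p tcp --dport $ext -j DNAT --to-destination $host:$dport"
        echo "forward: -p tcp -d $host --dport $dport"
    done
}

# Value copied from the message above.
show_expected_rules "25,143>10.120.132.6 443>10.120.132.105~8543"
```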