Hello everybody i'am new here.... and i need help. pls help :oops:
I install ipcop 1.4.10 with red (eth1), orange (eth2) and green (eth0) interface.
red = public ip (202.57.4.a) 255.255.255.224
orange = private ip (172.16.1.b) 255.255.0.0
green = private ip (192.168.0.c) 255.255.255.0
mx record on dns = 202.57.1.d (the ip given by my internet provider also)
i put mail server in dmz (orange) with ip 172.16.1.e
so i put my private rule at rc.firewall.local , like below
iptables -A CUSTOMINPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.57.1.d --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A CUSTOMOUTPUT -p tcp -s 202.57.1.d --sport 25 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Welcome to firewall.cx, lc4523. When you use [code:1]iptables -L[/code:1]
it only lists the rules for the chains in the default "filter" table. In order to list the rules relating to the CUSTOMPREROUTING and CUSTOMPOSTROUTING chains which are in the "nat" table you will need to use the "-t" option as follows:[code:1]iptables -L -t nat[/code:1]
ipcop 1.4.10 CUSTOM chain
12 years 4 months ago #13951
thank you for response me.. yes i'am very new in firewall and iptables and thanks again for answer me , ok now i can see all my rules, but when i try to send from yahoo the yahoo said "Sorry, I wasn't able to establish an SMTP connection. (#4.4.1)
I'm not going to try again; this message has been in the queue too
long. " , but if i send to yahoo the message delivered sucessfully.
thanks2 "and sorry for my bad english"
"Port Forwarding" and "External Access" serve different purposes. Port Forwarding is where you set up access controls for hosts behind your IPCOP. External Access on the other hand, handles access to the IPCOP itself e.g. Remote SSH access or HTTPS. So unless you want to access the IPCOP itself from a remote location, you do not need to bother with the External Access settings.