No worries, thanks for the info, will do some research on Arno and have a go this weekend Once again thanks Guy
________________________________ From: [EMAIL PROTECTED] on behalf of Darrick Hartman Sent: Wed 19/03/2008 3:38 AM To: AstLinux Users Mailing List Subject: Re: [Astlinux-users] No NAT when configuring FWVERS="astfw"and EXTPORTMAP="t25:10.8.0.1:25" Sorry no one replied to this sooner. I would recommend using the Arno firewall option. It's being more actively developed and may be the default firewall down the road. Unfortunately to do some of the port forwarding, you would need to manually edit a separate file. Darrick Guy Neale wrote: > Hi All > > > > Finally got round to building/upgrading to astlinux-0.5-1537, now using > runnix and unionfs (how cool is this, aussie prompts, coping g729 lic, > short zaptel flash etc works great), also finally decided to have > another go at pppoe and iptables (astfw), pppoe works great , the only > problem I am having is forwarding SMTP (or any port) via NAT to my > internal test mail server , what am I doing wrong? > > > > EXTIF=ppp0 > > INTIP="10.8.0.254" > > INTNM="255.255.255.0" > > DMZTYPE=extonly > > PPPOEUSER="[EMAIL PROTECTED]" > > PPPOEPASS="xxxxxx" > > PPPOEIF="eth1" > > PPPOEKERNEL="YES" > > FWVERS="astfw" > > EXTPORTMAP="t25:10.8.0.1:25" > > > > pbx etc # cd /mnt/kd > > pbx kd # ls > > astdb cdr-csv dnsmasq.leases home > monitor rc.pbxonly.conf sounds tftpboot wanpipe > > asterisk crontabs dnsmasq.static lost+found > rc.conf rc.router.conf ssh voicemail > zaptel.conf > > > > pbx etc # service iptables restart > > Stopping iptables... > > net.ipv4.ip_forward = 0 > > Starting iptables... > > iptables v1.3.8: invalid port/service `t25' specified > > Try `iptables -h' or 'iptables --help' for more information. > > iptables v1.3.8: invalid port/service `t25' specified > > Try `iptables -h' or 'iptables --help' for more information. > > net.ipv4.ip_forward = 1 > > > > pbx kd # iptables -L > > Chain INPUT (policy ACCEPT) > > target prot opt source destination > > USER-INPUT all -- anywhere anywhere > > ACCEPT all -- anywhere anywhere > > ACCEPT all -- anywhere anywhere > > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > > DROP all -- anywhere anywhere > > > > Chain FORWARD (policy ACCEPT) > > target prot opt source destination > > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > > USER-FORWARD all -- anywhere anywhere > > ACCEPT all -- anywhere anywhere > > DROP all -- anywhere anywhere > > > > Chain OUTPUT (policy ACCEPT) > > target prot opt source destination > > > > Chain USER-FORWARD (1 references) > > target prot opt source destination > > > > Chain USER-INPUT (1 references) > > target prot opt source destination > > > > pbx kd # ifconfig > > eth0 Link encap:Ethernet HWaddr 00:40:63:DA:DE:FD > > inet addr:10.8.0.254 Bcast:10.8.0.255 Mask:255.255.255.0 > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > RX packets:40296 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:36419 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:1000 > > RX bytes:19374657 (18.4 MiB) TX bytes:25329747 (24.1 MiB) > > Interrupt:11 Base address:0xd000 > > > > eth1 Link encap:Ethernet HWaddr 00:40:63:DA:DE:A3 > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > RX packets:51131 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:38726 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:1000 > > RX bytes:26238008 (25.0 MiB) TX bytes:19146886 (18.2 MiB) > > Interrupt:12 Base address:0xe800 > > > > lo Link encap:Local Loopback > > inet addr:127.0.0.1 Mask:255.0.0.0 > > UP LOOPBACK RUNNING MTU:16436 Metric:1 > > RX packets:2 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:2 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:0 > > RX bytes:152 (152.0 B) TX bytes:152 (152.0 B) > > > > ppp0 Link encap:Point-to-Point Protocol > > inet addr:xxx.xxx.xxx.xxx P-t-P:xxx.xxx.xxx.xxx > Mask:255.255.255.255 > > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 > > RX packets:50795 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:38390 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:3 > > RX bytes:25100222 (23.9 MiB) TX bytes:18292112 (17.4 MiB) > > > > Regards > > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2008. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > Astlinux-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to [EMAIL > PROTECTED] -- Darrick Hartman DJH Solutions, LLC http://www.djhsolutions.com <http://www.djhsolutions.com/> Small Business IT Specialists Office: 920.547.4535 Cell: 920.901.3113 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
<<winmail.dat>>
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
