Fighting Spam - Part II Postfix
Back again, writing here today about something a little more advanced.

A good starting point with iptables:

Assume we already have a firewall set up along the lines of the earlier post: the machine that faces the internet and that, by default, accepts no new inbound requests.

Example.

1. If one server acts only as the firewall and a different server on the LAN handles the email, what should we do?

How do I do it?

A: Through PREROUTING rules.

Let's see.
# The mail server is at IP 192.168.0.10 and runs postfix,
# imap and pop3 (example)
First, allow the ports.
Remember that in the firewall we had defined something like this:
### drop the rest; if someone on the LAN needs to reach
### some port, that rule must go before the next one
iptables -A FORWARD -s 192.168.0.0/24 -i eth1 -j DROP
iptables -A INPUT -s 192.168.0.0/24 -i eth1 -j DROP
# OUTPUT has no input interface, so iptables rejects -i here; match the outgoing interface with -o
iptables -A OUTPUT -s 192.168.0.0/24 -o eth1 -j DROP
In other words, the INPUT rules we define should go before these lines! (With eth1 being the WAN interface, the INPUT and FORWARD rules above also discard packets arriving from the internet that claim a LAN source address, i.e. spoofed traffic.)
Now we create the rules:
iptables -A INPUT -s 0.0.0.0/0 -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -s 0.0.0.0/0 -p tcp --dport 110 -j ACCEPT
iptables -A INPUT -s 0.0.0.0/0 -p tcp --dport 143 -j ACCEPT
# if we use POP3S we must also open port 995
iptables -A INPUT -s 0.0.0.0/0 -p tcp --dport 995 -j ACCEPT
Now, once the ports are allowed, we route the traffic:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 25 -j DNAT --to-destination 192.168.0.10:25
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 110 -j DNAT --to-destination 192.168.0.10:110
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 143 -j DNAT --to-destination 192.168.0.10:143
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 995 -j DNAT --to-destination 192.168.0.10:995
What did we do?
We told iptables that everything arriving on eth1 (the WAN interface) for the ports listed above must be sent on to the IP address of our mail server on the LAN, so from the WAN the mail server appears to sit directly on the internet (without actually being there :)).
Two things worth checking: the firewall must have IP forwarding enabled (net.ipv4.ip_forward=1), otherwise the DNATed packets are never passed on; and a DNATed packet does not traverse the firewall's INPUT chain but its FORWARD chain, so the INPUT rules above protect services on the firewall itself, and if your FORWARD policy is DROP you need matching ACCEPT rules there for the mail server's ports.
NOTE: This configuration can be used to forward traffic on any port to any machine on the LAN; the only thing to watch is the type of traffic, i.e. whether it is TCP or UDP (-p tcp or -p udp, in both the nat and the filter rules).
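The whole procedure above, as an added example that is not part of the original post: a small POSIX sh script that generates the complete, ordered rule set (anti-spoofing drops, IP forwarding, one DNAT plus FORWARD accept per published port, and MASQUERADE so the mail server's own outbound SMTP leaves with the firewall's public address). The interface names, the LAN prefix, the mail server address and the port list are assumptions that match the text and can be overridden through the environment. The spoof-drop rules are deliberately emitted before any ACCEPT, since no legitimate packet arrives on the WAN interface with a LAN source address. Nothing is applied unless the script is run as root with the `apply` argument.

```shell
#!/bin/sh
# Added example (not from the original post): generate and optionally apply
# the iptables rule set that publishes a LAN mail server to the internet.
# Assumed values (override via environment): WAN_IF=eth1, LAN_NET=192.168.0.0/24,
# MAIL_IP=192.168.0.10, MAIL_PORTS="25 110 143 995" (smtp pop3 imap pop3s).
# build_rules only prints the commands; `sh mailfw.sh apply` pipes them to sh
# and must run as root on the firewall itself.

WAN_IF="${WAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.168.0.0/24}"
MAIL_IP="${MAIL_IP:-192.168.0.10}"
MAIL_PORTS="${MAIL_PORTS:-25 110 143 995}"

# is_port NUM: true when NUM is an integer in 1..65535 (rejects "25;rm -rf /", "", "25abc").
is_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# dnat_rules PORT: the PREROUTING DNAT and the FORWARD accept for one TCP port.
# After DNAT the packet is routed towards MAIL_IP, so it traverses FORWARD, not INPUT.
dnat_rules() {
    is_port "$1" || { echo "bad port: $1" >&2; return 1; }
    printf 'iptables -t nat -A PREROUTING -i %s -p tcp --dport %s -j DNAT --to-destination %s:%s\n' \
        "$WAN_IF" "$1" "$MAIL_IP" "$1"
    printf 'iptables -A FORWARD -i %s -d %s -p tcp --dport %s -m conntrack --ctstate NEW -j ACCEPT\n' \
        "$WAN_IF" "$MAIL_IP" "$1"
}

# build_rules: the complete ordered command list, one command per line.
build_rules() {
    # 1. DNAT is useless unless the kernel forwards packets between interfaces.
    echo 'sysctl -w net.ipv4.ip_forward=1'
    # 2. Anti-spoofing first: nothing legitimate arrives on the WAN interface
    #    claiming a LAN source address, so drop it before any ACCEPT can match.
    printf 'iptables -A INPUT -i %s -s %s -j DROP\n'   "$WAN_IF" "$LAN_NET"
    printf 'iptables -A FORWARD -i %s -s %s -j DROP\n' "$WAN_IF" "$LAN_NET"
    # 3. Replies to connections already accepted, in both directions.
    echo 'iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # 4. One DNAT + FORWARD pair per published port; a bad port aborts generation.
    for p in $MAIL_PORTS; do
        dnat_rules "$p" || return 1
    done
    # 5. The mail server's own outbound SMTP leaves with the firewall's public address.
    printf 'iptables -t nat -A POSTROUTING -s %s -o %s -j MASQUERADE\n' "$LAN_NET" "$WAN_IF"
}

# rule_count: number of DNAT rules generated (one per published port).
rule_count() {
    build_rules | grep -c -- '-j DNAT'
}

case "${1:-show}" in
    show)  build_rules ;;
    apply) build_rules | sh -e ;;
    *)     echo "usage: $0 [show|apply]" >&2; exit 2 ;;
esac
```

Run `sh mailfw.sh` (or `sh mailfw.sh show`) first and read the output; only then `sudo sh mailfw.sh apply` on the firewall. To publish a UDP service instead, the same pair of rules is needed with `-p udp`, which is the only change the NOTE above refers to.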