You use a DNAT rule to NAT/route an external address, or, at the very least, port 110 (the POP3 port), to an internal system on that port.
Works quite well...and is as simple as: $IPTABLES -t nat -A PREROUTING -i eth0 -d xxx.xxx.xxx.xxx -p tcp --dport 110 -j DNAT --to yyy.yyy.yyy.yyy $IPTABLES -A FORWARD -p tcp --dport 110 -m state --state NEW -d yyy.yyy.yyy.yyy -j ACCEPT xxx.xxx.xxx.xxx is either the external (internet IP) address of your firewall, or an additional external address, which your firewall will answer to, but gets routed internally. yyy.yyy.yyy.yyy is the private, internal address of your POP3 server. On Tue, 4 Jun 2002, Darryl Harvey wrote: > I have a RH7.3 box with 2 x NIC's as a gateway/firewall. > > Internal adddress are private 192.168.x.x range, external IP is > public. No-one in the internal network has access externally except > through SQUID which runs n this box, as does an email relay (Which only > relays for internal domains. > > I need to allow external users PoP3 access to our real mail server which is > on a private IP behind the linux box. > > Do I need to use a module to allow this to happen, or can IPChains/tables > do this by default (And how). > > Also, which tool should I use within either KDE or Gnome to alter these > rules, or is it something I do via shell (Which I am happy with) > > TIA > Darryl > > > > _______________________________________________ > Redhat-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list > _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list