You use a DNAT rule to NAT/route an external address, or, at the very 
least, port 110 (the POP3 port), to an internal system on that port.

Works quite well...and is as simple as:

$IPTABLES -t nat -A PREROUTING -i eth0 -d xxx.xxx.xxx.xxx -p tcp --dport 110 -j DNAT 
--to yyy.yyy.yyy.yyy
$IPTABLES -A FORWARD -p tcp --dport 110 -m state --state NEW -d yyy.yyy.yyy.yyy -j 
ACCEPT

xxx.xxx.xxx.xxx is either the external (internet IP) address of your 
firewall, or an additional external address, which your firewall will 
answer to, but gets routed internally.

yyy.yyy.yyy.yyy is the private, internal address of your POP3 server.

On Tue, 4 Jun 2002, Darryl Harvey wrote:

> I have a RH7.3 box with 2 x NIC's as a gateway/firewall.
> 
> Internal adddress are private 192.168.x.x range, external IP is 
> public.   No-one in the internal network has access externally except 
> through SQUID which runs n this box, as does an email relay (Which only 
> relays for internal domains.
> 
> I need to allow external users PoP3 access to our real mail server which is 
> on a private IP behind the linux box.
> 
> Do I need to use a module to allow this to happen, or can IPChains/tables 
> do this by default (And how).
> 
> Also, which tool should I use within either KDE or Gnome to alter these 
> rules, or is it something I do via shell (Which I am happy with)
> 
> TIA
> Darryl
> 
> 
> 
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to