regional-pl: Problem with fwall

Subject: Problem with fwall
To: None <regional-pl@netbsd.org>
From: Peter Tyminski <petert@ruudy.com>
List: regional-pl
Date: 11/10/2004 10:35:18

--Signature=_Wed__10_Nov_2004_10_35_18_+0100_mFho1czRIHU30tGs
Content-Type: text/plain; charset=US-ASCII
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Hi !

I have strange problem with forwarding pop3/smtp over ipf/ipnat.
NetBSD 1.6.2, default hernel ipf-3.4

There is a fwall:
fxp0 - external ( public internet )
fxp1 - internal 

ipnat.conf
except standard mappings is a line :


rdr fxp0 0.0.0.0/0 port 25 -> 10.10.0.214 port 25 tcp

ipf.conf

pass in quick on fxp0 proto tcp from any to any port = 110  flags S/SA keep state keep frags

Fwall by default is blocking everything.

tested the same way with other ports/daemons, works fine (22, 501, 80 ), just does'nt work with pop3/smtp

10.10.0.214 mail server, widely open, no restrictions on ports 110 or 25.

Any ideas ?

Regards

Peter 


--Signature=_Wed__10_Nov_2004_10_35_18_+0100_mFho1czRIHU30tGs
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBkeDZwsAKHi3lMDYRAvhLAKC9w4db3fBjcKPux40ys/YIwvbWSwCdEXC5
TLRcb2BVdQUkh6RjAHTVHGo=
=tICe
-----END PGP SIGNATURE-----

--Signature=_Wed__10_Nov_2004_10_35_18_+0100_mFho1czRIHU30tGs--