[plug] firewall issue
Andrew Furey
andrew.furey at gmail.com
Tue Dec 9 10:38:57 WST 2008
> The issue is in the iptables firewall. I'm having the following rules:
>
> $IPT -A FORWARD -i $INT_IFACE -d 192.168.1.100 -p tcp --dport 143 -j ACCEPT
> $IPT -A FORWARD -i $INT_IFACE -s 192.168.1.100 -p tcp --dport 143 -j ACCEPT
>
> I have these 2 rules in, do I need to add more rules in the INPUT and
> OUTPUT chains?
FWIW, I use rules like the following for access from outside (some
settings are an educated guess :) :
$IPT -A FORWARD -i $INT_IFACE -o $ETH_IFACE -p tcp --dport 143 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -t nat -A PREROUTING -p tcp -d $INT_IP --dport 143 -j DNAT --to 192.168.1.100:143
It may be possible to specify -i $INT_IFACE rather than needing to
know the external IP address for the second - I haven't tested.
HTH
Andrew
--
Linux supports the notion of a command line or a shell for the same
reason that only children read books with only pictures in them.
Language, be it English or something else, is the only tool flexible
enough to accomplish a sufficiently broad range of tasks.
-- Bill Garrett