DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 5th February 2009
paul-lkw's Avatar
paul-lkw paul-lkw is offline
Real Name: Paul.LKW
Port Guard
 
Join Date: May 2008
Location: Hong Kong
Posts: 18
Thanked 0 Times in 0 Posts
Default Local BOX Port Foward Problem

Hi All;
I am now want to create a port called 250 map to local 25 and 1100 map to local 110, it is due to some ISP block 110/25 ports, I search many text but it always need to enable NAT to make the forward because these material always rediect to inside private IP, but for my case I only need map more one port to local BOX, so I wonder does here a way to do without NAT ?

Thx in advance.
Reply With Quote
  #2   (View Single Post)  
Old 5th February 2009
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 337
Thanked 32 Times in 30 Posts
Default

Run your smtp and pop3 server on localhost, and redirect those ports on the external interface to localhost:25 and localhost:110. How you get external mailservers to talk to your port 250 is a different story .. unless you have control over your upstream backup MX where you can manipulate the port it will connect to.

Code:
rdr on $ext_if proto tcp from any to $ext_if port 250 -> 127.0.0.1 port smtp
rdr on $ext_if proto tcp from any to $ext_if port 1100 -> 127.0.0.1 port pop3
Reply With Quote
  #3   (View Single Post)  
Old 6th February 2009
paul-lkw's Avatar
paul-lkw paul-lkw is offline
Real Name: Paul.LKW
Port Guard
 
Join Date: May 2008
Location: Hong Kong
Posts: 18
Thanked 0 Times in 0 Posts
Default

Does ipfw divert can help?
Reply With Quote
  #4   (View Single Post)  
Old 6th February 2009
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 337
Thanked 32 Times in 30 Posts
Default

I think you need a fwd statement for this (something like fwd 127.0.0.1,25 and fwd 127.0.0.1,110), plus options IPFIREWALL_FORWARD in your kernel. Maybe it's a kld nowadays, don't know.
Reply With Quote
  #5   (View Single Post)  
Old 6th February 2009
paul-lkw's Avatar
paul-lkw paul-lkw is offline
Real Name: Paul.LKW
Port Guard
 
Join Date: May 2008
Location: Hong Kong
Posts: 18
Thanked 0 Times in 0 Posts
Default

Then divert and fwd seems confusing ?
Reply With Quote
  #6   (View Single Post)  
Old 6th February 2009
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 337
Thanked 32 Times in 30 Posts
Default

See http://www.freebsdonline.com/content/view/346/355/ for a Squid example of the same.
Reply With Quote
  #7   (View Single Post)  
Old 7th February 2009
paul-lkw's Avatar
paul-lkw paul-lkw is offline
Real Name: Paul.LKW
Port Guard
 
Join Date: May 2008
Location: Hong Kong
Posts: 18
Thanked 0 Times in 0 Posts
Default

OK, Let me try that. Many Thx.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Local transfer is slow. maurobottone OpenBSD General 1 10th January 2009 02:12 PM
local dns (dnsmasq) bsdperson FreeBSD Ports and Packages 3 3rd September 2008 06:48 AM
proxy : replace gif with local gif milo974 OpenBSD General 4 17th July 2008 06:45 AM
Send email to all local users cajunman4life FreeBSD General 8 15th June 2008 10:52 AM
/usr/local and application directories ducu_00 FreeBSD Ports and Packages 14 23rd May 2008 05:37 PM


All times are GMT. The time now is 03:45 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick