Mailinglist Archive: opensuse-security (670 mails)
| < Previous | Next > |
Re: [suse-security] HELP needed for firewall2 setup and DMZ
- From: test@xxxxxxxxxxxxxxxxxx
- Date: Tue, 13 Nov 2001 18:15:04 +0300 (EAT)
- Message-id: <Pine.LNX.4.40.0111131814190.1212-100000@xxxxxxxxxxxxxxxxxx>
On Mon, 12 Nov 2001, Nadeem Hasan wrote:
> Hi,
>
> I am not trying to masquerade the DMZ. My problem is that
> I cannot connect from DMZ to internet. All the connections
> are denied by the firewall. I need to run mail relay and
> bind on the DMZ machine. I cannot do that till I am able
> to connect to internet from DMZ.
>
> I am sure lots of people here are running this kind of setup.
> But its not covered by the scenarios in EXAMPLES file.
>
> Hope to get some help.
>
> -----Original Message-----
> From: Arjen Runsink [mailto:arjen@xxxxxxxxxxxxxxxx]
> Sent: Monday, November 12, 2001 3:34 AM
> To: Nadeem Hasan
> Cc: 'suse-security@xxxxxxxx'
> Subject: Re: [suse-security] susefirewall2 setup: Running postfix in the
> DMZ
>
>
> Hello Nadeem Hasan,
>
> Nadeem Hasan wrote:
>
> >
> >
> >I want to run postfix as mail relay and squid as a proxy on the DMZ.
> >I am using SuSEfirewall2 v1.9 on the "firewall" box. I have masquerading
> >already working. I have setup the FW_FORWARD to forward port 80 and 25
> >
> Well You did properly subnet so the server in the DMZ is routable, so
> you should not need to masquerade the DMZ! And neither portforwarding.
> That is only necessary if you use a private/non-routable address range.
>
> BB, Arjen
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
have made sure that the DMZ is catered for in the firewall?
Kenneth
| < Previous | Next > |