You could try with this rule.
I'm not an expert in SuSEfirewall2....
FW_FORDWARD_MASQ="192.168.0.0/24,192.168.0.249,tcp,110,110,192.168.254.2/
192.168.0.0/24,192.168.0.249,tcp,25,25,192.168.254.2"
I use your configuration to make the example, and this is the syntax:
<source network>.<ip to forward to>,<protocol>,<port>[redirect
port,[destination ip]]
I use it to redirect my local webserver and it work it.
Sorry for my english, i'm Paraguayan..
Greetz
2006/9/27, Dirk Schreiner
Hi Dirk,
checkout rinetd. It should solve youre Problems.
Dirk
Dirk Enrique Seiffert schrieb:
I am moving a Mailserver from the internal network to the DMZ. This move should be invisible for the enduser. Lat but not least: Some hundred mail clients are configured to consult an IP, not a name: I can't solve the issue by configuring my DNS server.
This is my configuration:
200.x.x.x (public IP) | SuSEfirewall-192.168.254.1--------192.168.254.2 MailServer | 192.168.0.249 | internal network
I have to access the mailserver by an IP in the 192.168.0.0/24 range. External traffic I can easily redirect with FW_FORWARD_MASQ= to an IP in the DMZ. Internal traffic I can redirect to a local port on the firewall with FW_REDIRECT.
Is it possible to redirect all traffic coming on the internal interface for 192.168.0.249 to 192.168.254.2 ?
Any Custom rule? I was googling quite a while to, didn't find any rule doing a forward on the internal interface.
Any idea is appreciated!
Thanks
Enrique
-- There are 10 sorts of people in this World. Those who understand binary, and those who don`t.
TRIA IT-consulting GmbH Joseph-Wild-Straße 20 81829 München Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de
Registergericht München HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschäftsführer: Rosa Igl -------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: ds@caribenet.com, suse-security@suse.com # Dateianhänge: 0
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-- --------------------------------------------------------- Ing. Ariel Guerrero Mailto: ariel.guerrero@gmail.com Fone: +595 981 425040 Asunción - Paraguay