Re: [fw-wiz] port forward question
From: Christopher Hicks (chicks_at_chicks.net)
To: firstname.lastname@example.org, "Robert E. Martin" <email@example.com> Date: Wed, 30 Apr 2003 14:57:16 -0400 (EDT)
On Wed, 30 Apr 2003, Robert E. Martin wrote:
> I have a web server inside a port fw box. This is a NAT box that runs
> iptables to allow port forwarding to a web server. I want to run a form
> script on the web server....formmail.cgi. The web server is a linux box
> with sendmail. Should I have port 25 open to the world to allow this
> form to work? I am kind of new to this so be gentle.
Since the connection is occuring totally inside your network you don't
need to open it up in your firewall.
> I suppose the real question here is , How do I allow sendmail to _send_
> _mail_ from a dnat'd web server?
As long as the web server can make connections out and has working DNS
there shouldn't be anything else to do.
Beware that a number of versions of formmail.cgi have security holes that
allow remote exploits or spamming.
-- </chris> The death of democracy is not likely to be an assassination from ambush. It will be a slow extinction from apathy, indifference, and undernourishment. -Robert Maynard Hutchins, educator (1899-1977) _______________________________________________ firewall-wizards mailing list firstname.lastname@example.org http://honor.icsalabs.com/mailman/listinfo/firewall-wizards