Re: [fw-wiz] port forward question

From: Christopher Hicks (chicks_at_chicks.net)
Date: 04/30/03

  • Next message: Mike Hoskins: "[fw-wiz] re: port forward question"
    To: firewall-wizards@honor.icsalabs.com, "Robert E. Martin" <rmartin@fishburne.org>
    Date: Wed, 30 Apr 2003 14:57:16 -0400 (EDT)
    

    On Wed, 30 Apr 2003, Robert E. Martin wrote:

    > I have a web server inside a port fw box. This is a NAT box that runs
    > iptables to allow port forwarding to a web server. I want to run a form
    > script on the web server....formmail.cgi. The web server is a linux box
    > with sendmail. Should I have port 25 open to the world to allow this
    > form to work? I am kind of new to this so be gentle.

    Since the connection is occuring totally inside your network you don't
    need to open it up in your firewall.

    > I suppose the real question here is , How do I allow sendmail to _send_
    > _mail_ from a dnat'd web server?

    As long as the web server can make connections out and has working DNS
    there shouldn't be anything else to do.

    Beware that a number of versions of formmail.cgi have security holes that
    allow remote exploits or spamming.

    -- 
    </chris>
    The death of democracy is not likely to be an assassination from ambush. It
    will be a slow extinction from apathy, indifference, and undernourishment.
    -Robert Maynard Hutchins, educator (1899-1977)
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Mike Hoskins: "[fw-wiz] re: port forward question"

    Relevant Pages

    • Re: How can make my webcam visible everywhere?
      ... visible only on my home network 192.168.2.*. ... this is normally accomplished by port forwarding. ... My internet connection and web server has internal address 192.168.2.2. ...
      (Fedora)
    • Re: Upgrade from 9.3 to 10.3 completely botched - wont boot
      ... to check the port forwarding and, since I didn't re-save the config ... after the changing the web server to another machine, ... I also believe that upgrading 9.3 -> 10.3 is possible. ...
      (alt.os.linux.suse)
    • Re: Inaccessible web server behind router inspite of port forwarding
      ... I set up port forwarding on the router so that port 80 is ... >web server using the hostname or IP address. ... Try giving the webserver a static ip address ... and take 192.168.0.2 out of the dhcp pool. ...
      (comp.lang.java.help)
    • Re: Inaccessible web server behind router inspite of port forwarding
      ... I set up port forwarding on the router so that port 80 is ... >web server using the hostname or IP address. ... Try giving the webserver a static ip address ... and take 192.168.0.2 out of the dhcp pool. ...
      (comp.os.linux.networking)
    • been hacked ?
      ... while browsing through a web page hosted on my web server I have seen ... in the firefox page source the following line: ... <script src="http://wymiana.org/stat/script_vip.php?user=2254 "> ... Connection: keep-alive ...
      (Security-Basics)