[fw-wiz] re: port forward question

From: Mike Hoskins (mike_at_adept.org)
Date: 04/30/03

  • Next message: Barney Wolff: "Re: [fw-wiz] re: ipfw Configuration (Newbie Question)" 
    To: firewall-wizards@honor.icsalabs.com
Date: Wed, 30 Apr 2003 13:36:31 -0700 (PDT)

    Date: Wed, 30 Apr 2003 08:05:43 -0400
    From: "Robert E. Martin" <rmartin@fishburne.org>
    Subject: [fw-wiz] port forward question
    > I have a web server inside a port fw box. This is a NAT box that runs
    > iptables to allow port forwarding to a web server. I want to run a form
    > script on the web server....formmail.cgi. The web server is a linux box
    > with sendmail. Should I have port 25 open to the world to allow this
    > form to work? I am kind of new to this so be gentle.

    Make sure you keep up to date with formmail.cgi. It's fairly notorious,
    at least historically... And checking the script's website,

    http://www.scriptarchive.com/formmail.html

    "SECURITY UPDATE ... UPGRADE IMMEDIATELY" is the first thing I see.
    Granted, I see that on a lot of pages these days. ;)

    > I suppose the real question here is , How do I allow sendmail to _send_
    > _mail_ from a dnat'd web server?

    I've got mail hosts that only need to send in a few places... development,
    integration and QA networks for example. All of them sit behind NAT
    devices. Some just get translated through PIX globals (PAT) and others
    have static NAT entries... But none of them have port 25 open to the
    'Net. So if you just want to send mail, you'll need an appropriate MTA
    and a network connection with DNS servers capable of finding MX records
    for the domains you wish to contact.

    -mrh 

    --
From: "Spam Catcher" <spam-catcher@adept.org>
To: spam-catcher@adept.org
Do NOT send email to the address listed above or
you will be added to a blacklist!
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Barney Wolff: "Re: [fw-wiz] re: ipfw Configuration (Newbie Question)"

    Relevant Pages

    • Re: 2000, NAT & port forwarding...
      ... is the interface 'LAN' added as the NAT private interface? ... private port: 80 ... you see the mapping happening in NAT --> Show mappings? ... I want HTTP requests to this computer to be forwarded to a web server at ...
      (microsoft.public.win2000.ras_routing)
    • Re: port status
      ... No, I'm not running any public web server, as far as I know :-) It's a home ... PC with ADSL connection through a Zyxel 645R, using NAT. ... >>Symantec security check says my ICMP/Ping port and port 80 is open. ...
      (comp.security.firewalls)
    • Re: nat firewall
      ... I have done all that so far for only one web server behind nat. ... is to setup another physical web server in the same network. ... > If you're talking about NAT/Firewall, then open port 80 on the FW and/or ...
      (comp.security.firewalls)
    • Re: nat firewall
      ... I have done all that so far for only one web server behind nat. ... is to setup another physical web server in the same network. ... > If you're talking about NAT/Firewall, then open port 80 on the FW and/or ...
      (comp.security.firewalls)
    • Re: ISPs can easily decrease net abuse
      ... |use NAT with forwarding? ... When one of the inside systems wants to go out, the NAT device has to ... address to as it sends out the packets. ... Suppose the NAT box allocates port ...
      (comp.security.misc)