LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-07-2004, 04:52 AM   #1
Mental Skylight
LQ Newbie
 
Registered: Sep 2004
Location: South Africa
Distribution: RH9, Fedora 2
Posts: 1

Rep: Reputation: 0
Pop3 access behind RH9 firewall


I have a RH9 installation operating on a very basic private network. The server runs a web proxy and a mail server. All users have fixed IP's and no login authentication. The firewall settings are on "Medium" and access is granted to all protocols incl Telnet.

I need users to be able to to access individual pop3 accounts at their own ISP's from clients (Win XP) on the network but am struggling.

I have tried to check access by telnet to ISP pop3.domain.com on port 25 from clients but connection fails. Telnet to ISP pop3.domain.com succeeds from the RH9 server.

Any suggestions as to where to look greatly appreciated!

Thanks

Mental
 
Old 10-03-2004, 01:15 PM   #2
davidbalt
Member
 
Registered: Feb 2004
Distribution: Gentoo -- always from stage1
Posts: 85

Rep: Reputation: 15
I think you have mistaken the usefulness of a "proxy" server.

Proxy servers typically only redirect HTTP traffic on certain ports. If you want your machines behind the firewall to be able to "see" the internet on all ports, you will need to enable NAT on the firewall.

After you do this, you can safely just remove the proxy server, in my opinion.

Enabling NAT varies depending on the distribution and the kernel version. It is actually very easy to do. You should be able to find a HOWTO someplace on setting that up.

Basically, NAT allows your router to send packets to the Internet on behalf of the machines connected to your network. When the "Internet" responds, the router remembers which machine asked for the information and forwards it. In this way, the router becomes a transparent intermediary. NAT is done at the Kernel level, so you might have to recompile your kernel depending on your current configuration.

Hope I pointed you in the right direction!
 
Old 12-02-2004, 02:15 AM   #3
mini_mike
LQ Newbie
 
Registered: Aug 2004
Location: Manila, Philippines
Distribution: Red Hat 9
Posts: 11

Rep: Reputation: 0
How do I enable NAT from RH9? I pretty much have the same setup. Security is set to medium. And I use SQUID to proxy HTTP requests from workstations behind RH9
 
Old 12-02-2004, 05:27 PM   #4
davidbalt
Member
 
Registered: Feb 2004
Distribution: Gentoo -- always from stage1
Posts: 85

Rep: Reputation: 15
------------ SNIP -------------
# Load the NAT module (this pulls in all the others).
modprobe iptable_nat

# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to
# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

----- / SNIP / ---------

You'll probably have to change ppp0 to eth0 or eth1 or whatever for your box.
 
Old 12-02-2004, 05:28 PM   #5
davidbalt
Member
 
Registered: Feb 2004
Distribution: Gentoo -- always from stage1
Posts: 85

Rep: Reputation: 15
Oh, and you'll obviously need iptables installed at the kernel level, and you'll need the userland tools for iptables installed as well. That *should* come with redhat, but I'm not sure.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall blocking some POP3 requests Funky D Linux - Networking 5 09-23-2005 05:21 PM
pop3 access log on RH9.. where? ToBe Linux - Networking 3 07-13-2004 12:06 PM
pop3 access drewskiamk Linux - Software 18 11-12-2003 09:34 PM
pop3 access bradyc Linux - Newbie 6 10-28-2003 03:02 PM
NMF (Network Multi Firewall) 8.2 and SMTP; POP3 access Cayouettem Linux - Networking 0 08-23-2003 12:35 PM


All times are GMT -5. The time now is 07:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration