PORT FORWARDING for POP and SMTP

mudasirm · 12-01-2008, 04:43 AM

I am trying to do Port Forwarding for POP and SMTP. My senario is as follows

INTERNET-- >(eth1 -- real ip)LINUX FIREWALL(eth0 -- class C)-- >Windows XP MAIL SERVER

Mail Server is not on Linux its using Windows XP.

Mail Server is also on Class C IP. I am trying to do Port Forwarding for port 25 and 110, but unable to achieve it. I am using follwing IPTABLES rule to do so

Code:

NETWORK=eth0 
INTERNET=eth1 
REAL_IP=xx.xx.xx.xx 
MAIL_SERVER=xx.xx.xx.xx 

iptables -P INPUT DROP 
iptables -P FORWARD ACCEPT 
iptables -P OUTPUT ACCEPT 

echo 1 > /proc/sys/net/ipv4/ip_forward 

iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT 
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 

iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 25 -j DNAT --to-destination $MAIL_SERVER:25 
iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 110 -j DNAT --to-destination $MAIL_SERVER:110 

iptables -A INPUT -p tcp --dport 25 -j ACCEPT 
iptables -A INPUT -p tcp --dport 110 -j ACCEPT 

iptables -t nat -A POSTROUTING -o $INTERNET -p tcp --dport 25 -j SNAT --to-source $REAL_IP 
iptables -t nat -A POSTROUTING -o $INTERNET -p tcp --dport 110 -j SNAT --to-source $REAL_IP

These rules are not working however when i try to do Port Forwarding for other ports like VNC or HTTP in similar manner

Code:

 
iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j DNAT --to-destination $MAIL_SERVER:80 
iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 5900 -j DNAT --to-destination $MAIL_SERVER:5900

These Rules work perfect.

When i send mail from hotmail or any other mail service i am able to recieve at my internal mail server, but when i send mail from my mail server i am unable to recieve mails any where else except on the same domain.
And when i use a router instead of a linux machine for port forwarding every thing works fine including MAIL TRANSFER from and to the domain.

I think there might be something that i am missing or doing wrong. Please help me out in this.

Looking forward for a positive reply.

datopdog · 12-01-2008, 07:43 AM

This is really not a firewall as you are allowing all inbound connections to the firewall using this rule.

Code:

iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Nothing is also stopping your outbound smtp connection as your FORWARD chain has policy allow.

You need to check on the windows machine it could be a default gw issue, if not then troubleshoot using tcpdump and telnet.

mudasirm · 12-02-2008, 12:44 AM

Hi,

Dear i know this is not a firewall. In real i am using MANGLE table to mark all KNOWN hosts and DROP all unknown hosts, and these DROP rules are at the top of all other rules which makes these rules work fine for me.

The only issue is with SENDING mails from my mail server, not in recieving mails.

I have no Access to Windows Machine, it is a pre-configured IBM Machine which i am not allowed to do anything with.

And can you tell me how can i use TCPDUMP to trace packets and debug this issue

Telnet to the mail server is working fine even from REMOTE location, thats why i am confused why the mail transfer is not working.

datopdog · 12-02-2008, 01:34 AM

The debugging would only work if you had access to the windows machine, but you can still simulate that using another machine on the lan you need to listen on your internal interface as well as the external interface and see what happens to the packets.

mudasirm · 12-02-2008, 11:09 PM

Hi,

Dear i can not simulate this senario, as i said the windows machine has been pre-configured by IBM, so i dont know what are the settings.

And regarding watching the internal and external interfaces, have been doing that for about 3 days, still dont understand where the packets are dropping.

Anyways, now i will try something new, and if it works i will post it here.

And i really appreciate your help.

hasanatizaz · 12-03-2008, 12:59 PM

hello mudasir bhai, congrats for your RHCE and good to see you here.