Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a RH9 installation operating on a very basic private network. The server runs a web proxy and a mail server. All users have fixed IP's and no login authentication. The firewall settings are on "Medium" and access is granted to all protocols incl Telnet.
I need users to be able to to access individual pop3 accounts at their own ISP's from clients (Win XP) on the network but am struggling.
I have tried to check access by telnet to ISP pop3.domain.com on port 25 from clients but connection fails. Telnet to ISP pop3.domain.com succeeds from the RH9 server.
Any suggestions as to where to look greatly appreciated!
I think you have mistaken the usefulness of a "proxy" server.
Proxy servers typically only redirect HTTP traffic on certain ports. If you want your machines behind the firewall to be able to "see" the internet on all ports, you will need to enable NAT on the firewall.
After you do this, you can safely just remove the proxy server, in my opinion.
Enabling NAT varies depending on the distribution and the kernel version. It is actually very easy to do. You should be able to find a HOWTO someplace on setting that up.
Basically, NAT allows your router to send packets to the Internet on behalf of the machines connected to your network. When the "Internet" responds, the router remembers which machine asked for the information and forwards it. In this way, the router becomes a transparent intermediary. NAT is done at the Kernel level, so you might have to recompile your kernel depending on your current configuration.
How do I enable NAT from RH9? I pretty much have the same setup. Security is set to medium. And I use SQUID to proxy HTTP requests from workstations behind RH9
------------ SNIP -------------
# Load the NAT module (this pulls in all the others).
modprobe iptable_nat
# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to
# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
----- / SNIP / ---------
You'll probably have to change ppp0 to eth0 or eth1 or whatever for your box.
Oh, and you'll obviously need iptables installed at the kernel level, and you'll need the userland tools for iptables installed as well. That *should* come with redhat, but I'm not sure.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.