Our proxy server just went down and I am trying to configure a new box. I thought that I had a copy of all the config files, but I guess I don't, because I am having some problems. Here is the setup:<br>
mailserver: 10.10.10.3<br>
proxy internal IP: 192.168.0.1<br>
proxy external IP: 10.10.10.6<br><br>
We can do everything except send emails. I am guessing that the problem is with the iptables rules. We are getting "connection failed" error messages from Thunderbird. I must admit that it's been a while since I did anything with iptables. Here is what they currently are:
<br><br>#!/bin/sh<br>
<br>
# Setting up vars<br>
INTIF="eth0"<br>
EXTIF="eth1"<br>
EXTIP="10.10.10.6"<br>
HTTPIP="192.168.0.3"<br>
DNSIP="192.168.0.60"<br>
<br>
# Checking and loading mods<br>
/sbin/depmod -a<br>
/sbin/modprobe ip_tables<br>
/sbin/modprobe ip_conntrack<br>
/sbin/modprobe ip_conntrack_ftp<br>
/sbin/modprobe ip_conntrack_irc<br>
/sbin/modprobe iptable_nat<br>
/sbin/modprobe ip_nat_ftp<br>
<br>
# turning on forwarding<br>
echo "1" > /proc/sys/net/ipv4/ip_forward<br>
<br>
# Setting up the ruleset<br>
# Default policy ACCEPT on every filter chain, then flush the existing rules<br>
iptables -P INPUT ACCEPT<br>
iptables -F INPUT<br>
iptables -P OUTPUT ACCEPT<br>
iptables -F OUTPUT<br>
iptables -P FORWARD ACCEPT<br>
iptables -F FORWARD<br>
iptables -t nat -F<br>
# Allow return traffic from outside for connections started inside<br>
iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT<br>
# Allow everything from the internal network out<br>
iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT<br>
# Source-NAT everything leaving via the external interface<br>
iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE<br>
# Forward inbound tcp/80 and tcp/53 (TCP only) on the external IP to the internal hosts<br>
iptables -t nat -A PREROUTING --dst $EXTIP -p tcp --dport 80 -j DNAT --to-destination $HTTPIP<br>
iptables -t nat -A PREROUTING --dst $EXTIP -p tcp --dport 53 -j DNAT --to-destination $DNSIP
<br><br><br>By looking at these rules, it looks to me like I am allowing pretty much everything. Any ideas?<br><br>Thanks,<br>Chris<br>