Exchange and IPtables
Gill, Vern
vgill@technologist.com
Tue, 7 Aug 2001 16:44:44 -0700
These rules have been working for me since I started using iptables.
About a year now I would guess...
Fill in the IP of your host running Exchange, modify the other variables
to match your needs, and run. Works great!
If you need more info, please let me know. I have had this going for a
while now, so I have a pretty good idea.
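# $IPTABLES, $EXTERNAL_IF, $EXTERNAL_IP, $INTERNAL_NET and $ALLADDR
# must be defined before these rules run.
EXCHANGE_HOST="xxx.xxx.xxx.xxx"

# Part of the Exchange server stuff (25)
logger -s "Allow SMTP Server Connections on port 25"
# Accept SMTP addressed to the Exchange host
$IPTABLES -A INPUT -i $EXTERNAL_IF -p tcp -s $ALLADDR --sport 25 \
    -d $EXCHANGE_HOST --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT -v
# Accept SMTP leaving from the internal network
$IPTABLES -A OUTPUT -o $EXTERNAL_IF -p tcp -s $INTERNAL_NET --sport 25 \
    -d $ALLADDR --dport 25 -j ACCEPT -v
# Redirect port 25 on the external IP to the Exchange host
$IPTABLES -t nat -A PREROUTING -i $EXTERNAL_IF -p tcp -d $EXTERNAL_IP \
    --dport 25 -m state --state NEW,ESTABLISHED,RELATED -j DNAT \
    --to-destination $EXCHANGE_HOST:25 -v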
Vern H. Gill
State Director
Director of Marketing
Conejo Valley Jaycees
vgill@technologist.com
http://www.conejovalleyjaycees.org
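
Added example, not part of the original post: a dry-run shell script for the same port-25 forward that places the accept rules in FORWARD, the chain that DNATed packets traverse, and leaves the remote client's source port unrestricted. The interface names, the addresses, the INTERNAL_IF variable and both function names are assumptions, and source NAT for outbound mail is assumed to be configured elsewhere.

```shell
#!/bin/sh
# Added example, not from the original post. All values are constructed
# placeholders; INTERNAL_IF, is_ipv4 and smtp_forward_rules are hypothetical names.
IPTABLES="${IPTABLES:-echo iptables}"   # dry run by default: prints each command
EXTERNAL_IF="${EXTERNAL_IF:-eth0}"
INTERNAL_IF="${INTERNAL_IF:-eth1}"
EXTERNAL_IP="${EXTERNAL_IP:-203.0.113.10}"
EXCHANGE_HOST="${EXCHANGE_HOST:-192.168.1.25}"

# Succeeds only for a dotted quad with four octets in 0..255, so an
# unfilled "xxx.xxx.xxx.xxx" placeholder is rejected before any rule is added.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

smtp_forward_rules() {
    is_ipv4 "$EXCHANGE_HOST" && is_ipv4 "$EXTERNAL_IP" || {
        echo "EXCHANGE_HOST and EXTERNAL_IP must be IPv4 addresses" >&2
        return 1
    }
    # Rewrite the destination of inbound SMTP to the internal mail host.
    $IPTABLES -t nat -A PREROUTING -i "$EXTERNAL_IF" -p tcp -d "$EXTERNAL_IP" \
        --dport 25 -j DNAT --to-destination "$EXCHANGE_HOST:25"
    # DNATed packets are routed, so they are filtered in FORWARD. Remote
    # clients connect from ephemeral ports, hence no --sport match here.
    $IPTABLES -A FORWARD -i "$EXTERNAL_IF" -o "$INTERNAL_IF" -p tcp \
        -d "$EXCHANGE_HOST" --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPTABLES -A FORWARD -i "$INTERNAL_IF" -o "$EXTERNAL_IF" -p tcp \
        -s "$EXCHANGE_HOST" --sport 25 -m state --state ESTABLISHED -j ACCEPT
    # Outbound mail opened by the mail host, and the replies to it.
    $IPTABLES -A FORWARD -i "$INTERNAL_IF" -o "$EXTERNAL_IF" -p tcp \
        -s "$EXCHANGE_HOST" --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPTABLES -A FORWARD -i "$EXTERNAL_IF" -o "$INTERNAL_IF" -p tcp \
        -d "$EXCHANGE_HOST" --sport 25 -m state --state ESTABLISHED -j ACCEPT
}

smtp_forward_rules
```

Run it as is to review the generated commands, then set IPTABLES to the real binary path to apply them.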