I need help getting innd running correctly on the inside of my network

Post by Pau » Wed, 08 May 2002 10:46:17



Hi!

 I'm running a low-end main server to act as my firewall and MASQ
server, connecting the other boxes to the hub, to share the same
static IP address. I have innd set up on 192.168.0.20 internally. I
know innd is running, but something is wrong in that it is either not
accepting messages from my feeds, or not sending?  (I do not yet know
how to tell?) All I know is that the transfer per day on the spool
drives has gone from 6-10 gigs per day to only almost 100k..

 I had everything originally set up on the main server and all was
well, ran Sweet!, but now that I have moved the news server to its
own machine things are screwy.

 I think it has to do with my iptables??  Here is what I have;

 (Relevant section)
 Forwarding port 119

------(((echo " Route incoming ppp0 at port 119 NEWS SERVER, to 192.168.0.20:119"
$IPTABLES -A PREROUTING -t nat -p tcp -i ppp0 --dport 119 -j DNAT --to 192.168.0.20:119)))--------

 This is the real thing:

## Masq
$IPTABLES -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

$IPTABLES -A FORWARD -s 192.168.0.0/24 -j ACCEPT
$IPTABLES -A FORWARD -d 192.168.0.0/24 -j ACCEPT
$IPTABLES -A FORWARD -s ! 192.168.0.0/24 -j DROP

## Make sure to turn on ip forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

echo " Route incoming ppp0 for port 119 NEWS SERVER, to 192.168.0.20:119"
$IPTABLES -A PREROUTING -t nat -p tcp -i ppp0 --dport 119 -j DNAT --to 192.168.0.20:119

# DROP HTTP packets related to CodeRed and Nimda viruses silently
$IPTABLES -t filter -A INPUT -i ppp0 -p tcp -d 66.149.133.40 --dport 80 -m string \
   --string "/default.ida?" -j DROP
$IPTABLES -t filter -A INPUT -i ppp0 -p tcp -d 66.149.133.40 --dport 80 -m string \
   --string ".exe?/c+dir" -j DROP
$IPTABLES -t filter -A INPUT -i ppp0 -p tcp -d 66.149.133.40 --dport 80 -m string \
   --string ".exe?/c+tftp" -j DROP

echo " Route incoming ppp0 at port 119 NEWS SERVER, to 192.168.0.20:119"
$IPTABLES -A PREROUTING -t nat -p tcp -i ppp0 --dport 119 -j DNAT --to 192.168.0.20:119

 Do I need something else here? This to my thinking means route all
port 119 traffic to the internal IP..  Do I need another rule for proper
out??

 Someone Please help?
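
An added example, not part of the original post: one way to tell whether outside peers reach the port-119 DNAT rule at all is to read that rule's packet counters on the firewall. The `SAMPLE` text is constructed (it mirrors the script above, which appends the same DNAT rule twice), and the function names `dnat_stats` and `dnat_verdict` are hypothetical.

```shell
#!/bin/sh
# Added example. Parses the counters printed by
#   iptables -t nat -L PREROUTING -v -n -x
# The nat table only sees the first packet of each connection, so "pkts"
# on a DNAT rule is roughly the number of inbound connection attempts.

# Constructed sample output: the rule is listed twice because the script
# appended it twice; the second copy can never match, so it stays at 0.
SAMPLE='Chain PREROUTING (policy ACCEPT 3120 packets, 187200 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      57     3420 DNAT       tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:119 to:192.168.0.20:119
       0        0 DNAT       tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:119 to:192.168.0.20:119'

# Read the listing on stdin; print "<rules> <packets>" for DNAT rules on
# inbound interface $1 that rewrite the destination to $2 (ip:port).
dnat_stats() {
    awk -v ifc="$1" -v to="to:$2" '
        $3 == "DNAT" && $6 == ifc && $NF == to { rules++; pkts += $1 }
        END { printf "%d %d\n", rules, pkts }'
}

# Read the listing on stdin; print a one-word verdict.
#   no-rule     the DNAT rule is not loaded on that interface
#   no-inbound  rule loaded, but no peer has connected to it
#   inbound-ok  peers connect and are rewritten; look at FORWARD and
#               at innd itself next
dnat_verdict() {
    set -- $(dnat_stats "$1" "$2")
    if [ "$1" -eq 0 ]; then
        echo "no-rule"
    elif [ "$2" -eq 0 ]; then
        echo "no-inbound"
    elif [ "$1" -gt 1 ]; then
        echo "inbound-ok-duplicate-rule"
    else
        echo "inbound-ok"
    fi
}

# Offline demo on the constructed sample. On the firewall, pipe the live
# iptables listing into dnat_verdict instead.
printf '%s\n' "$SAMPLE" | dnat_verdict ppp0 192.168.0.20:119
```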