I'm running m0n0wall 1.11 on the Generic PC build. It's connected to the
outside world via Verizon DSL. I've set up an internal SMTP server, and I'm
trying to open port 25 so outside hosts can send mail to my domain. However,
the firewall appears to still be blocking port 25. Here's my setup:

First, I set up Firewall NAT with the following:

External Address: Interface address
External port range: SMTP to SMTP
NAT IP: x.x.x.x (Internal IP of mail server)
Local port: SMTP

And I hit the checkbox to create a firewall rule. This generated the

Source type: any
Source port range: any to any
Destination: Single host or alias, with internal address of mail server
Destination port range: from SMTP to SMTP
Do not allow fragmented packets
Do log packets that are handled by this rule

That firewall rule was placed below the default "block all" rule on the WAN.
I moved it to the top of the list and hit apply.

I SSHed into an external server (we'll call it Slappy), and tried to telnet
to port 25 of my external IP address. It just hangs. I look in the logs, and
see two "Pass" arrows, one from the WAN interface, then one from the LAN
interface. Both have Slappy's IP in the source, with a port of 59048 and a
destination of the internal IP with port 25. Immediately after is a "block"
x next to the number 2 with the LAN interface. The telnet never connects
from Slappy; it just hangs.

I don't know what I'm doing wrong. I have a rule set up to allow RDP from
the outside, and that works fine. Can somebody tell me what I might be doing
wrong? Maybe the x with the 2 next to it helps?