On Thu, 26 Aug 2004, Tomas Florian wrote:
> I'm trying to do the following simple thing but it doesn't work:
> Incoming NAT (I need to forward all external traffic destined to port 25 to
> my internal machine):
> 22.214.171.124 (Test source) -> 126.96.36.199:25 (WAN IP - Monowall) ->
> 192.168.1.103:25 (Internal mail server - destination)
> To understand what is going on, I setup tcpdump on both my source and
> destination machines:
> So in summary the problem seems to be the following. Everything works fine
> up to the point when destination sends ack back to the source. The ack
> never arrives. It gets lost on the way back to the source. Since there is
> no tcpdump on the monowall (or is there?), I don't know where it gets lost.
> But I definitely don't have any firewall anywhere between my source IP and
> my Monowall (not that I know of anyway). So my assumption is that monowall
> looses it.
M0n0wall doesn't include tcpdump, although it's possible to install
it. If you do that, note that you need libpcap also. For an occasional
test, you can just upload the files to the RAM disk - they'll be gone
after the next reboot. Beware that the two files total almost 1.5MB.
The alternative is to stick a hub on the WAN side of the m0n0wall and hook
in another machine that can capture (or another port on an existing
machine if you have a spare NIC).
> Any ideas? Why monowall looses it? I have a rule that says that all
> traffic from my LAN should be allowed through.
Have you tried it with some port other than 25? Some ISPs block customer
port 25. Granted, blocking the incoming packets would make more sense,
but the world isn't always sensible.