> SNAT --to-source=MY_FIREWALL_EXTERNAL_IP
>
> That's OK?
Looks alright to me, but it's been a while since I last used the SNAT target.
> If yes, is it enough or I have to specify something more?
That depends on what you want. It also depends on what other rules you have
in your iptables.
The command above will enable sending mail via SMTP only, because you
restrict it to port 25. POP, IMAP and mail submission (port 587) will not
work.
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20101210131611.GA29004@lia.ch
No comments:
Post a Comment