 | | | Forwarding and masquerding | Forwarding and masquerding 2005-01-26 - By Rick Stevens
Back
Marcos Osorio wrote:
> Hi, i installed a Red Hat Enterprise Edition 3 and i want to use this
> server as a gateway, so, my quiestion is:
> How can i forward and do masquerading of the others pcs, i have to nics,
> eth0 and eth1, so is there any aplication or script?
Depends on whether you're using sendmail, postfix or qmail--they're all
different.
If you're going to be toying with sendmail, make sure you get a copy of
the "Bat Book" ("sendmail" by Costales and Allman, O'Reilly). It
describes all of the stuff.
For sendmail in a nutshell, do this as root:
1. cd /etc/mail
2. Edit "sendmail.mc" and uncomment the various "masquerade*"
options you need by deleting the "dnl " bit in front and
modifying the contents as needed. The lines you're probably
interested in would look like this after you edit them:
MASQUERADE_AS(`mydomain.com')dnl
(note that the first quote is a grave, on the "~" key)
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_DOMAIN(localhost)dnl
MASQUERADE_DOMAIN(localhost.localdomain)dnl
MASQUERADE_DOMAIN(mydomain.com)dnl
You also need to remove the "Addr=127.0.0.1," bit from the
"DAEMON_OPTIONS" line:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
3. Edit "access" and add "Connect:xxx.xxx.xxx.xxx RELAY" lines as
needed for the machines you are willing to relay for, where the
"xxx.xxx.xxx.xxx" is the IP address for the client machines.
4. Do a "make" to rebuild "sendmail.cf" from "sendmail.mc" and
build "access.db" from "access".
5. Restart sendmail via "/etc/rc.d/init.d/sendmail restart"
I REALLY, REALLY (and I mean REALLY!) recommend you peruse the bat book
FIRST. The LAST thing the Internet needs is another bloody open relay
server. What I've given you above is VERY cursory and you can get
yourself into lots of trouble if you screw up.
MAJOR POINT HERE!
If you don't know what you're doing or you don't understand what I said
above, go find someone who knows what to do. DO NOT try this if you
have ANY doubts. If you do, the odds are you'll end up with an open
relay server and then you'll come back to us complaining that you got
blacklisted on SORBS or dnsbl.org. Ignoring our warnings will make us
rather unsympathetic to your plight.
I don't want to sound mean, but I run a mail service that handles 18M
messages a day and I'm really, really tired of open relay servers (90%
of which are Windows machines or badly-configured sendmail machines)
spamming us or trying to propagate viruses. Fully 50% of the traffic
we see is crap of that sort.
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
- Rick Stevens, Senior Systems Engineer rstevens@(protected) -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Consciousness: that annoying time between naps. -
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Redhat-install-list mailing list
Redhat-install-list@(protected)
https://www.redhat.com/mailman/listinfo/redhat-install-list
To Unsubscribe Go To ABOVE URL or send a message to:
redhat-install-list-request@(protected)
Subject: unsubscribe
Earn $52 per hosting referral at Lunarpages.
|
|
|