next up previous contents
Next: Redirecting firewall Up: Sample configurations Previous: Sample configurations   Contents


Wrapper running at the firewall

A firewall, located at a network's perimeter, either between the network and the Internet or between the servers' segment and the rest of the network, can very easily control many of the servers' network ports.



\resizebox* {0.6\textwidth}{!}{\includegraphics{include/wrapper-at-firewall.eps}}



Such a scheme would result in the following advantages and disadvantages:


\begin{labeling}{00.00.0000}
\item [Advantages]~
\end{labeling}


\begin{labeling}{00.00.0000}
\item [Disadvantages]~
\end{labeling}
This would be achieved using the following configuration files:

Firewall's /etc/ipnat.conf includes:

1

rdr ep1 192.168.0.1/32 port 25 -> 192.168.0.254 port 10025

Firewall's /etc/rc.local includes:

1

/usr/local/bin/smtpwrap &

Firewall's /usr/local/bin/smtpwrap:

1

#!/usr/bin/perl 

use ProtoWrap::SMTP;
use strict;

my ($wrap);

$wrap = ProtoWrap::SMTP->new('standalone' => 1,
                             'listenPort' => 10025,
                             'destType' => 'ip',
                             'destAddr' => '192.168.0.1',
                             'logLevel' => 3,
                             'maxMsgSize' => 3000000,
                             'relayDomainList' => ['mydomain.com'],
                             'maxRcpt' => 10,
                             'setUidTo' => 32767
                             );
die 'Can\'t start SMTP wrapper' if (not defined $wrap);
$wrap->startServer() or warn 'Can\'t start wrapper for '.$wrap->getProp();


next up previous contents
Next: Redirecting firewall Up: Sample configurations Previous: Sample configurations   Contents
Gunnar Wolf
2001-03-12