[JDEV] firewall config for ssl
John Draughn
jdraughn at kiorisoft.com
Fri Oct 12 01:07:21 CDT 2001
Do you have the <name/> field in the jabber.xml (jabberd config file) to
the name of the nat box? If I remember correctly, server will reject
logon attempts due to "invalid server specified" or similar if the name
isn't listed.
Might want to check up on that.
-John 'zariok' Draughn
On Fri, 2001-10-12 at 00:33, Bruce Duncan wrote:
> here's part of my iptables script. i can telnet to
> the firewall machine from outside on port 5223 and get
> connected. This looks just like the bits i have for
> forwarding sendmail and pop3 requests in thru the
> firewall to an internal machine...don't know why this
> doesn't seem to work right.
>
>
>
> #
> # IM forwarding
> #
> #
> iptables -t nat -A PREROUTING -i $EXTERNAL_INTERFACE
> -j DNAT -p tcp -d $FIREWALL
> _MACHINE --dport 5223 --to $IM_MACHINE:5223
> #
> # IM allowances
> #
> # Allow SSL'd IM traffic to come in throught the
> external interface and get
> # forwarded to the internal interface if its bound for
> the im machine
> #
> iptables -N IM
> iptables -A IM -j ACCEPT
>
> iptables -A FORWARD -p tcp -m state --state NEW -s
> 0/0 -d $IM_MACHINE --d
> estination-port 5223 -j IM
>
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
More information about the JDev
mailing list