I'm trying to allow SMTP traffic from the net in and out of a local mailserver.
I seem to have lost my sense of direction with regard to input, output and forward rules when it comes to DNAT and SNAT...
eth1 is my external interface (192.168.1.1), eth0 is internal, and the mailserver is internal (172.16.1.1).
Is the OUTPUT filter on the NAT table for traffic coming from external --> internal? Does forward have to be used in two rules when traffic is flowing through a two-interface firewall?
I thought the traffic passed like this:
--> external (DNAT) | ------------> output | ------> internal
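
Added example, not part of the original post: a shell function that emits an `iptables-restore` ruleset for the setup described above, showing which chains forwarded SMTP traffic passes through. The function name `smtp_nat_rules` and the default-drop FORWARD policy are assumptions made for illustration; the interface names and addresses are the ones given in the post.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the post).
# Packets routed THROUGH the firewall traverse
#   nat/PREROUTING -> filter/FORWARD -> nat/POSTROUTING
# The OUTPUT chains only see packets generated by the firewall host itself,
# so no OUTPUT rule is involved in reaching the internal mailserver.
smtp_nat_rules() {
    ext_if=$1; ext_ip=$2; int_if=$3; mail_ip=$4
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Inbound: rewrite the destination before the routing decision.
-A PREROUTING -i ${ext_if} -d ${ext_ip} -p tcp --dport 25 -j DNAT --to-destination ${mail_ip}:25
# Outbound: rewrite the source after FORWARD, as the packet leaves.
-A POSTROUTING -o ${ext_if} -s ${mail_ip} -p tcp --dport 25 -j SNAT --to-source ${ext_ip}
COMMIT
*filter
:FORWARD DROP [0:0]
# One stateful rule carries the replies for both directions.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Inbound SMTP: FORWARD already sees the DNATed destination address.
-A FORWARD -i ${ext_if} -o ${int_if} -d ${mail_ip} -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
# Outbound SMTP: FORWARD still sees the real source (SNAT happens later).
-A FORWARD -i ${int_if} -o ${ext_if} -s ${mail_ip} -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Values from the post: eth1/192.168.1.1 external, eth0 internal, mailserver 172.16.1.1.
smtp_nat_rules eth1 192.168.1.1 eth0 172.16.1.1
```

Pipe the output into `iptables-restore --test` to validate it before loading; loading it without `--noflush` replaces the existing contents of the `nat` and `filter` tables.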