I am using Linux 9.0 & squid as an Internet Gateway with two network cards eth0 (public IP) and eht1(Private IP) and Exchange2000 as an e-mail server which is on private IP. By using IPtables my exchange server can receive and send mails on internet. But my users can not POP their mails from exchange server when they are on foreign tour my configurations are
echo "1" >/proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.xxx -j DNAT --to-destination 192.168.xx.xxx
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.xx.xxx -j SNAT --to-source 202.xxx.xxx.xxx
iptables -A INPUT -i eth0 -p tcp --d port 25 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --d port 110 -j ACCEPT
2ndly in my office one user/client needs FTP access on his machine, how can i allow him on port 21 ?