PORT FORWARDING


Port forwarding is used to let a host behind a firewall respond to
requests from the untrusted side of the firewall.  To do this, you must
set up masquerading first.  This requires two interfaces on the firewall,
one to the untrusted network and one to the protected network.

The configuration file for the interface to the untrusted network must use
the firewall options and it must allow masquerading.  To make a web server
on the protected network provide services to the untrusted network, use the
portfw keyword in the configuration file for tcp port 80.

You may need to verify the firewall settings for the interface going
to the server as well.

If you want identd to work correctly with a mail server behind a firewall,
you will need to port forward identd traffic to the same host.  If you
choose not to run identd, you might want to allow identd connections in
the firewall, since remote hosts will get an immediate reply letting them
know that identd is not running.