Apologies if this is a silly mistake; this is the first time I've had to set up port forwarding. I have two machines. One machine is set up as a DMZ (192.168.0.67) which all inbound traffic will hit first. I have configured a second machine to be an email server (192.168.0.78).
When I connect to the mail server from the DMZ server or another machine via telnet I get a 220 response from the SMTP server. So I know the server is running and accessible from outside the mail server.
I edited my /etc/ufw/before.rules to try and forward all traffic arriving on port 25 at the DMZ machine to the mail server I have set up. I added the following lines near the top of the file, above the *filter section:
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING --protocol tcp --destination 192.168.0.67 --dport 25 --jump DNAT --to-destination 192.168.0.78:25
-A POSTROUTING --protocol tcp --destination 192.168.0.78 --dport 25 --jump SNAT --to-source 192.168.0.67
COMMIT
After this I made sure UFW would reload successfully and rebooted the DMZ machine for good measure.
Unfortunately, when I telnet to port 25 on the DMZ server I don't get a response. I have read quite a few articles and watched a few videos and I can't seem to see what I have done incorrectly.
I checked that IP forwarding was enabled with
sysctl net.ipv4.ip_forward and the result was 1.
I also ran
sudo socat TCP4-LISTEN:25,fork,reuseaddr TCP4:192.168.0.78:25
which worked and allowed me to use telnet to connect on port 25 on the DMZ server and receive the reply from the mail server as I wanted. This makes me think the problem is just that I have done something wrong with the rules. Any help would be greatly appreciated.
Edit: I am currently running Ubuntu 22.04.1 LTS
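As an added example, not part of the question or any reply: a small Python checker that parses either a before.rules fragment like the one above or iptables-save output and reports whether the three pieces a DNAT forward on a ufw host needs are all present, the PREROUTING DNAT, the POSTROUTING SNAT (needed here because client and mail server share the 192.168.0.x subnet) and an ACCEPT on the FORWARD path, which ufw's default forward policy of DROP does not supply. The sample rule sets and the ufw-user-forward line are constructed, not captured from the poster's machine.

```python
# Long option names (as in the question's before.rules lines) mapped to the short
# forms iptables-save emits, so both styles parse the same way.
LONG_TO_SHORT = {"--append": "-A", "--destination": "-d", "--protocol": "-p", "--jump": "-j"}

def parse_rules(text):
    """Parse iptables-save / before.rules text into {table: [rule dicts]} and chain policies."""
    tables, policies, table = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("*"):                 # table header, e.g. *nat
            table = line[1:]
            tables[table], policies[table] = [], {}
        elif line.startswith(":"):               # chain policy, e.g. :FORWARD DROP [0:0]
            policies[table].update([tuple(line[1:].split()[:2])])
        elif line.startswith("-"):               # a rule: collect option/value pairs
            tokens = [LONG_TO_SHORT.get(t, t) for t in line.split()]
            tables.setdefault(table, []).append({tokens[i]: tokens[i + 1] for i in range(len(tokens) - 1)
                                                 if tokens[i].startswith("-") and not tokens[i + 1].startswith("-")})
    return tables, policies                      # blank, comment and COMMIT lines are skipped

def same_host(addr, host):
    return addr.split("/")[0] == host            # tolerate the /32 that iptables-save appends

def check_port_forward(text, dmz_ip, target_ip, port):
    """Check the DNAT, the SNAT and a FORWARD-path ACCEPT (ufw's default FORWARD policy is DROP)."""
    tables, policies = parse_rules(text)
    port, nat, filt = str(port), tables.get("nat", []), tables.get("filter", [])
    dnat = any(r.get("-A") == "PREROUTING" and r.get("-j") == "DNAT"
               and same_host(r.get("-d", ""), dmz_ip) and r.get("--dport") == port
               and r.get("--to-destination") in (target_ip, f"{target_ip}:{port}") for r in nat)
    snat = any(r.get("-A") == "POSTROUTING" and r.get("-j") in ("SNAT", "MASQUERADE")
               and same_host(r.get("-d", ""), target_ip) for r in nat)
    forward = policies.get("filter", {}).get("FORWARD") == "ACCEPT" or any(
        "forward" in r.get("-A", "").lower() and r.get("-j") == "ACCEPT"
        and same_host(r.get("-d", ""), target_ip) and r.get("--dport") in (None, port) for r in filt)
    return {"dnat": dnat, "snat": snat, "forward_allowed": forward}
# Constructed sample (not from the poster's host): the question's nat block plus ufw's default
# FORWARD DROP policy. RULES_WITH_ROUTE_ALLOW adds, in iptables-save form, the ACCEPT that
# `ufw route allow proto tcp to 192.168.0.78 port 25` installs in ufw-user-forward.
RULES_AS_POSTED = """\
*nat
-A PREROUTING --protocol tcp --destination 192.168.0.67 --dport 25 --jump DNAT --to-destination 192.168.0.78:25
-A POSTROUTING --protocol tcp --destination 192.168.0.78 --dport 25 --jump SNAT --to-source 192.168.0.67
COMMIT
*filter
:FORWARD DROP [0:0]
COMMIT
"""
RULES_WITH_ROUTE_ALLOW = RULES_AS_POSTED.replace(":FORWARD DROP [0:0]\n",
    ":FORWARD DROP [0:0]\n-A ufw-user-forward -d 192.168.0.78/32 -p tcp -m tcp --dport 25 -j ACCEPT\n")
```

Running it against real output (`sudo iptables-save`) shows which of the three pieces is missing on the DMZ host; the `socat` test in the question bypasses the FORWARD chain entirely, which is why it can succeed while the nat rules do not.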