Redirect rule for pop3 proxy



  • I'm trying to add p3scan into my pfSense 1.2.2 firewall so I can AV scan my pop e-mail.

    I have p3scan listening on 127.0.0.1:8110 on the firewall.

    So, I went into port forwarding in NAT and set up:
    Interface: LAN
    external address: interface address
    protocol: TCP
    external port range: pop3
    NAT IP 127.0.0.1
    local port: 8110 (the port p3scan listens on)
    And had it make the rule for allowing the traffic automatically

    Here's the problem…  I run p3scan in debug mode so it logs to the console if it makes any connections.  No connections happen.

    Am I missing something obvious?

    I have also set the listening address to 192.168.1.1 (address of the firewall) and tried redirecting there.  That got an error of: "ERR: Oops, that would loop!" and shut down that fork of the scanner (closing connection)

    Any help is appreciated.
    Thanks



  • Ok, I've never tried what you are doing, but…
    Logically it should go something like-

    Interface=LAN
    Ext address=any
    proto=TCP
    ext port=110
    NAT IP=127.0.0.1
    local port=8110

    Try picking ANY from the dropdown instead of the interface.



  • Hey,

    Thanks for the input.  And, I tried it with the same result.  But, it looks like the problem might be a known bug in the FreeBSD port of p3scan.  I'm looking into trying to fix it.  Looks like the problem is that p3scan doesn't determine the original address correctly after it's been redirected using pf.  The 3.0 version of p3scan also appears to be broken for FreeBSD, as it doesn't compile correctly.

    Anyone know of something other than p3scan that can scan a pop connection?


Log in to reply