> ну а ответные то пакетики от почтового хоста где?Наверно ответные пакеты не пускает ipfw. Потому, что
Если соединятся из локальной сети, то соединение устанавливается
telnet 192.168.1.29 25
Trying 192.168.1.29...
Connected to 192.168.1.29.
Escape character is '^]'.
220 gw.pbnsk.ru, ESMTP EXIM 4.77
quit
На сервере с ipfw
tcpdump -vvvnni rl1 host 192.168.1.29
tcpdump: listening on rl1, link-type EN10MB (Ethernet), capture size 262144 bytes
11:47:11.067023 IP (tos 0x10, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.2.19.46111 > 192.168.1.29.25: Flags [S], cksum 0x9510 (correct), seq 1324145157, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 414015 ecr 0], length 0
11:47:11.067322 IP (tos 0x0, ttl 64, id 54426, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.29.25 > 192.168.2.19.46111: Flags [S.], cksum 0x9dea (correct), seq 50893542, ack 1324145158, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 2224282770 ecr 414015], length 0
11:47:11.067360 IP (tos 0x10, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.2.19.46111 > 192.168.1.29.25: Flags [.], cksum 0xc8b3 (correct), seq 1, ack 1, win 1026, options [nop,nop,TS val 414015 ecr 2224282770], length 0
11:47:11.072834 IP (tos 0x0, ttl 64, id 54427, offset 0, flags [DF], proto TCP (6), length 86)
192.168.1.29.25 > 192.168.2.19.46111: Flags [P.], cksum 0x50c7 (correct), seq 1:35, ack 1, win 1040, options [nop,nop,TS val 2224282771 ecr 414015], length 34: SMTP, length: 34
220 gw.pbnsk.ru, ESMTP EXIM 4.77
11:47:11.178856 IP (tos 0x10, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.2.19.46111 > 192.168.1.29.25: Flags [.], cksum 0xc820 (correct), seq 1, ack 35, win 1026, options [nop,nop,TS val 414127 ecr 2224282771], length 0
11:47:15.659390 IP (tos 0x10, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 58)
192.168.2.19.46111 > 192.168.1.29.25: Flags [P.], cksum 0xce9d (correct), seq 1:7, ack 35, win 1026, options [nop,nop,TS val 418608 ecr 2224282771], length 6: SMTP, length: 6
quit
11:47:15.660242 IP (tos 0x0, ttl 64, id 54428, offset 0, flags [DF], proto TCP (6), length 88)
192.168.1.29.25 > 192.168.2.19.46111: Flags [P.], cksum 0x765c (correct), seq 35:71, ack 7, win 1040, options [nop,nop,TS val 2224283230 ecr 418608], length 36: SMTP, length: 36