From: George Alexandru Dragoi <waruiinu@gmail.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Problems routing mail to particular interface
Date: Thu, 22 Jul 2004 21:28:24 +0000 [thread overview]
Message-ID: <3063e50407221428a8e52f9@mail.gmail.com> (raw)
In-Reply-To: <003401c2c279$78772220$0802a8c0@monster>
A good think would be to give a full description to your network
setup, interfaces and so on, maybe there should be stuff like -s
192... -d ! 192../24
On Thu, 22 Jul 2004 12:17:27 -0700, Jens <jens@pacificsun.ca> wrote:
> 192.168.1.2 is the mail server which goes to 192.168.1.1 which is the firewall
> that has the routing script and routs to one of two external interfaces. I
> used PREROUTING based on some how-to's but have never really thought about
> exactly where the marking should take place. It seemed to me that PREROUTING
> was a good choice for marking since the routing rules which depend on the
> marking follow that.
>
> The flushing is something that got me before but which I am watching like a
> hawk now :)
>
> Jens
>
>
>
> On Thursday 22 July 2004 02:59, George Alexandru Dragoi wrote:
> > Is the 192.168.1.2 an ip on the router? If yes, you'll have to mark in
> > OUTPUT, not PREROUTING, also, after you set up the rules and routes,
> > did you an
> > ip route flush cache
> > ?
> >
> > I hope these works
> >
> > On Wed, 21 Jul 2004 20:02:32 -0700, Jens <jens@pacificsun.ca> wrote:
> > > I have a particular problem that has caused me grief for some time now
> > > and even though the answer is probably very basic, it has eluded me. I
> > > would appreciate any help or pointers in the right direction.
> > >
> > > I have two links to the internet, one via cable and one via adsl.
> > > Although I would want to add redundancy at a later time, all I want to
> > > get working now is that mail from my server goes out via the adsl link
> > > (it's a fixed IP and I am running into too many cases where my cable
> > > account with it's dynamic IP is blocked by other mail servers).
> > > I have spent considerable time trying to wrap my brain around ip tables,
> > > routing and the such. Although I only see a slight ray of hope in ever
> > > understanding the subject completely, my current problem doesn't (at
> > > first glance) seem to require a degree in rocket science. I have set up
> > > two routing tables (adsl and shaw). I mark packets with "iptables -t
> > > mangle -A PREROUTING -p tcp -- dport 25 -s 192.168.1.2 -j MARK --set-mark
> > > 1" and use "ip rule add fwmark 1 table adsl". To my understanding, the
> > > result of this is that every packet from 192.168.1.2 that comes out of my
> > > mail server via port 25 will get market with '1' and that routing is
> > > decided via table adsl. The adsl table has a default route via the adsl
> > > line. There is also a separate default gateway set up in the regular
> > > routing table to go via the cable connection. I seem to be missing
> > > something because I get the following result .... if I telnet from my
> > > mail server (192.168.1.2) to another mail server via port 25, I get a
> > > timeout. If I telnet to the same server via port 80 I get the connect
> > > message from the other end. To me, this seems to indicate that port 25
> > > messages are marked and are routed differently from the port 80 messages
> > > - just like I would expect. The question is, why the heck am I not
> > > getting anywhere on port 25. The same setup going to the default cable
> > > provider works just fine - this leads me to believe that I don't have
> > > anything in the router/firewall impeding the traffic.
> > > What am I missing ????
> > > Is there any way to trace how my attempts at telnetting thru port 25 are
> > > handled by the router ?
> > > I would be happy to post any further information needed to sort this out.
> > >
> > > Jens
> > > _______________________________________________
> > > LARTC mailing list / LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2004-07-22 21:28 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-01-23 0:50 [LARTC] Problems routing mail to particular interface mjoachimiak
2004-07-22 9:59 ` George Alexandru Dragoi
2004-07-22 21:17 ` George Alexandru Dragoi
2004-07-22 21:28 ` George Alexandru Dragoi [this message]
2004-07-22 23:50 ` George Alexandru Dragoi
2004-07-23 0:33 ` George Alexandru Dragoi
2004-07-23 5:40 ` George Alexandru Dragoi
2004-07-23 9:45 ` Brian Carrig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3063e50407221428a8e52f9@mail.gmail.com \
--to=waruiinu@gmail.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.