RE: routing mail on a different gateway

[Julien <dyna@tri-oxyde.org>]

Piszcz, Justin Michael wrote:

> If you use qmail you can use the outgoing IP patch, this is what I had 
> to do, I had no luck trying to get it to work with iptables, although 
> if you do, please inform me how :)
>
>
> -----Original Message-----
> From: netfilter-admin@lists.netfilter.org 
> [mailto:netfilter-admin@lists.netfilter.org] On Behalf Of Julien
> Sent: Friday, July 23, 2004 8:33 AM
> To: netfilter@lists.netfilter.org
> Subject: Re: routing mail on a different gateway
>
> Julien wrote:
>
>
>
>> Good Morning,
>>
>> I have a linux box with two dsl modems on it (connection is done via 
>> pppoe), I'm trying to route default traffic on the primary connection 
>> (ppp0) and mail traffic on another one (ppp1).
>>
>> This traffic should be able to come from the localhost or the lan via 
>> NAT.
>>
>> I run Slackware 9.1 (Kernel 2.4.22), recompiled with necessary 
>> options for using iproute2.
>>
>> According to the advanced routing howto, I did the following :
>>
>> iptables −A PREROUTING −i eth0 −t mangle −p tcp −−dport 25 −j MARK 
>> −−set−mark 1
>> iptables −A PREROUTING −i lo −t mangle −p tcp −−dport 25 −j MARK 
>> −−set−mark 1
>>
>> I'm not sure whether "lo" is needed.
>>
>> echo 201 mail.out >> /etc/iproute2/rt_tables
>> ip rule add fwmark 1 table mail.out
>>
>> /sbin/ip route add default via [Second's ISP Gateway] dev ppp1 table 
>> mail.out
>>
>> I get no error message, and ip rule ls and ip route show params where 
>> recorded.
>>
>> But if I do telnet somemail.server.com 25, I get a timeout and no 
>> data is sent via ppp1 (seen using ifconfig ppp1 or tcpdump -i ppp1).
>>
>> I can't figure what can be wrong nor where I should start looking for.
>> I also looked in the ip-cref doc and found nothing that could help me.
>>
>> Feel free to ask me on any point I would have forgotten.
>>
>> Do you have an idea in order to solve this problem ?
>>
>> Thanks, in advance !
>>
>> Julien.
>>
>>
> Now I changed iptables line to :
>
> iptables −A OUTPUT −t mangle −p tcp −−dport 25 −j MARK −−set−mark 1
>
> in order to mangle packets locally generated, that works better since 
> I want to route local postfix's traffic.
>
> When I do telnet smtp.someisp.com 25, I see with tcpdump the packets 
> going out through the interface ppp1 :
>
> 14:32:40.693429 62.212.120.196.34515 > 193.252.22.80.smtp: S 
> 4069327741:4069327741(0) win 5808 <mss 1452,sackOK,timestamp 929359 
> 0,nop,wscale 0> (DF) [tos 0x10]
>
> But the problem is that there are originated from 62.212.120.196, 
> which is the ip of ppp0, not ppp1. So packets can't take the way back.
>
> How can I change the "from" ip of packets that are routed through ppp1 ?
>
> Thanks for your help.
>
> Julien
>
>
In fact, I'm running postfix so I can't do it this manner. But thanks 
for telling me that was possible, it's an interesting solution for doing 
that.

Regarding iproute2, it's almost working for me as you can see. I if 
succeed I'll sure tell you.

Julien