From: Julien
Date: Sun, 25 Jul 2004 11:10:42 +0000
Subject: Re: [LARTC] Help in understanding routing/tables/chains
Message-Id: <41039532.8060401@tri-oxyde.org>
To: lartc@vger.kernel.org

Jens wrote:

> I am trying to trace a problem I have in redirecting my mail traffic to a
> different ISP. I have set up a whole bunch of logging rules but am still a
> bit mystified and could use some clarification....
>
> The setup (shortened somewhat for this example):
> Cable connection coming into a firewall/router going to a mail server in the
> DMZ.
> The interface on the firewall/router that the cable uses (to the internet) is
> eth0. The interface on the firewall/router to the DMZ is eth3.
>
> I log all (I believe) destination port 25 packets going through the firewall. The
> current setup does not do any redirection of traffic to port 25 - everything
> goes out the default interface eth0 and the whole setup works. I am trying to
> get a baseline as to what I should see when I do the redirection later on.
> To run my test, I am on the mailserver box and I initiate a telnet to a remote
> ISP's mail server on port 25.
>
> The log messages I see are as follows:
>
> The first packet shows a traversal through the nat filters as expected.
> The source and destination IPs are always the same - the source is always the
> IP of my mail server and the destination is always the IP of the remote ISP's
> mail server.
>
> mangle preroute in eth3 src dst
> nat preroute in eth3
> mangle forward in eth3
> mangle postroute out eth0
>
> The second packet no longer shows traversal through the nat filter:
> mangle preroute in eth3
> mangle forward in eth3
> mangle postroute out eth0
>
> The things that I am having problems understanding are:
>
> 1) I see the packet going into eth3, doing the preroute, the forward, but I see
> no postroute on eth3. I also don't see the packet going into eth0 or doing
> anything until it comes out the postroute table. Why isn't there anything in
> between?
>
> 2) The connection I establish is from a local IP 192.168.1.2 to the ISP's mail
> server on the internet. The connection is fully functional so it's NATed
> properly. Why is it that I don't see the change of source IP in the mangle
> postroute (as the packet comes out of eth0 which is the internet interface)?
> Why don't I see the address change anywhere?
>
> I am sorry to ask such basic questions but this stuff is crucial in me
> figuring out what is happening and I have not managed to put the clues
> together from the documents and how-to's that I have studied so far.
>
> Thanks
>
> Jens
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

I'm trying to do the same thing; as you can see from my previous posts, it's working a little better as redirection works. Can you show us the ip route add, iptables -t mangle and ip route add command lines you used so we can check what could be wrong?

Julien
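The redirection both posters are working on (TCP/25 from the DMZ mail server sent out through a second ISP link instead of the default route), written out as an added example; it is not from the thread and is not either poster's configuration. Only eth3 and 192.168.1.2 come from the thread; the second link's interface name, addresses, fwmark and table number are assumptions. The script puts a LOG rule at the head of every table/chain a forwarded packet crosses, so the kernel log shows the traversal order directly: mangle PREROUTING, nat PREROUTING, routing decision, mangle FORWARD, filter FORWARD, mangle POSTROUTING, nat POSTROUTING. Two consequences of that order match what Jens reports: the nat table is consulted only for the first packet of a connection (conntrack rewrites the rest without re-entering it), and mangle POSTROUTING runs before nat POSTROUTING, so a LOG there still shows the untranslated source address.

```shell
#!/bin/sh
# Added example, not code from the thread. Policy-routes TCP/25 from the DMZ
# mail server out through a second ISP link and logs at every hook a forwarded
# packet crosses. Everything except eth3 and 192.168.1.2 is an assumption.
DMZ_IF=eth3            # firewall interface towards the DMZ (from the thread)
MAIL_IP=192.168.1.2    # mail server in the DMZ (from the thread)
ISP2_IF=eth1           # second ISP link (assumed)
ISP2_IP=203.0.113.10   # firewall's own address on that link (assumed)
ISP2_GW=203.0.113.1    # second ISP's gateway (assumed)
MARK=1                 # fwmark carried by outbound SMTP packets
TABLE=100              # routing table consulted for that mark

# Emit one LOG rule at the head of TABLE/CHAIN: log_rule TABLE CHAIN [extra matches]
log_rule() {
    t=$1; c=$2; shift 2
    echo "iptables -t $t -I $c -p tcp --dport 25 $* -j LOG --log-prefix \"$t $c: \""
}

# Print the rule set in the order it should be applied; nothing changes until
# the output is executed (see apply_rules).
smtp_route_rules() {
    # 1. A routing table whose only route is the second ISP, chosen by fwmark.
    echo "ip route add default via $ISP2_GW dev $ISP2_IF table $TABLE"
    echo "ip rule add fwmark $MARK table $TABLE"
    echo "ip route flush cache"
    # 2. Replies arrive on $ISP2_IF, but the main table routes their source via
    #    the default link, so strict reverse-path filtering would drop them.
    #    net.ipv4.conf.all.rp_filter is combined with this value; check it too.
    echo "sysctl -w net.ipv4.conf.$ISP2_IF.rp_filter=0"
    # 3. Mark SMTP from the mail server in mangle PREROUTING, i.e. before the
    #    routing decision that the fwmark rule influences.
    echo "iptables -t mangle -A PREROUTING -i $DMZ_IF -s $MAIL_IP -p tcp --dport 25 -j MARK --set-mark $MARK"
    # 4. Packets leaving on the second link must carry its address, not the
    #    default link's. SNAT is a terminating target and is hit once per
    #    connection; later packets are rewritten by conntrack without
    #    re-entering the nat table.
    echo "iptables -t nat -A POSTROUTING -o $ISP2_IF -s $MAIL_IP -j SNAT --to-source $ISP2_IP"
    # 5. One LOG per hook, in traversal order. All of them, including the one
    #    in nat POSTROUTING (inserted ahead of the SNAT rule), fire before the
    #    source is rewritten, so every line shows SRC=$MAIL_IP; the translated
    #    tuple is only visible in the conntrack table.
    log_rule mangle PREROUTING  -i "$DMZ_IF"
    log_rule nat    PREROUTING  -i "$DMZ_IF"
    log_rule mangle FORWARD     -i "$DMZ_IF"
    log_rule filter FORWARD     -i "$DMZ_IF"
    log_rule mangle POSTROUTING -o "$ISP2_IF"
    log_rule nat    POSTROUTING -o "$ISP2_IF"
}

# Run the printed commands on the live system (needs root); stop at the first failure.
apply_rules() { smtp_route_rules | sh -e; }

case "${1:-}" in
    apply) apply_rules ;;
    *)     smtp_route_rules ;;   # default: print for review only
esac
```

Run it without arguments to review the commands, and with `apply` as root to install them; `ip rule show` and `ip route show table 100` confirm the routing side. A `telnet <remote> 25` from 192.168.1.2 should then produce all six log prefixes for the SYN and only the mangle/filter ones for every later packet of the same connection. The rewritten source address never appears in any LOG line; it is visible in the conntrack table (`/proc/net/ip_conntrack` on 2.4/early 2.6 kernels, `conntrack -L` with conntrack-tools), which is where to check that SNAT to the second link actually happened.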