I continued with the problem NAT and Filtering packet

I continued with the problem NAT and Filtering packet

[Administrador de Red]

Dear friends thanks very Mouch a some friends that try 
help me, well I want to say you that  a I continu with the 
problem the OE don't want to send and recived the email 
from mail server, I want to send the rules for iptables 
(Filtering and Nat) well i writing this rules and the file 
iptables configuration.

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j 
DNAT --to 172.16.1.4:25

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 
-j DNAT --to 172.16.1.4:110

iptables -t nat -A POSTROUTING -o eth0 -j SNAT 
169.158.130.253


here I write the configuration file iptables

# Generated by iptables-save v1.2.3 on Thu Dec  5 21:23:05 
2002
*mangle
:PREROUTING ACCEPT [1875:210252]
:OUTPUT ACCEPT [691:73775]
COMMIT
# Completed on Thu Dec  5 21:23:05 2002
# Generated by iptables-save v1.2.3 on Thu Dec  5 21:23:05 
2002
*nat
:PREROUTING ACCEPT [585:66263]
:POSTROUTING ACCEPT [26:1748]
:OUTPUT ACCEPT [152:21673]
[0:0] -A PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j 
DNAT --to-destination 169.158.130.251:25
[9:432] -A PREROUTING -i eth0 -p tcp -m tcp --dport 110 -j 
DNAT --to-destination 169.158.130.251:110
[0:0] -A PREROUTING -p tcp -m tcp --dport 8100 -j DNAT 
--to-destination 169.158.130.251:8100
[4:192] -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j 
REDIRECT --to-ports 3128
[0:0] -A POSTROUTING -o eth0 -j SNAT --to-source 
169.158.130.253
COMMIT
# Completed on Thu Dec  5 21:23:05 2002
# Generated by iptables-save v1.2.3 on Thu Dec  5 21:23:05 
2002
*filter
:INPUT ACCEPT [1779:205080]
:FORWARD ACCEPT [92:4880]
:OUTPUT ACCEPT [679:72695]
COMMIT
# Completed on Thu Dec  5 21:23:05 2002


I need some help  fast. please.

sincerely Thomas

Estamos en Calle 20 Numero 4110 % 41 y 47,
Miramar, Playa, Ciudad Habana, Cuba.
Telf:537(203-01-60) y (202-79-20)
Fax: 537(204-96-64)
Visitenos en: http://www.gecyt.cu

Re: I continued with the problem NAT and Filtering packet

[Maxim Berlin]

Hello Administrador,

Friday, December 06, 2002, Administrador de Red <admin@gecyt.cu> wrote:

AdR> Dear friends thanks very Mouch a some friends that try 
AdR> help me, well I want to say you that  a I continu with the 
AdR> problem the OE don't want to send and recived the email 
AdR> from mail server, I want to send the rules for iptables 
AdR> (Filtering and Nat) well i writing this rules and the file 
AdR> iptables configuration.

AdR> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to 172.16.1.4:25
AdR> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to 172.16.1.4:110
AdR> iptables -t nat -A POSTROUTING -o eth0 -j SNAT 169.158.130.253
[]

AdR> I need some help  fast. please.

very unfriendly people living here:(

in my meaning, you are interested in
client <-> 169.158.130.253:25  <-> 172.16.1.4:25
client <-> 169.158.130.253:110 <-> 172.16.1.4:110
and 169.158.130.253 is your linux host.
am i correct?

try this:
*******************
#!/bin/bash

IPTABLES=/sbin/iptables
IF=eth0
echo "1" > /proc/sys/net/ipv4/ip_forward
# uncomment two next lines, if you do not have any other rules
#$IPTABLES -t nat -F
#$IPTABLES -F
$IPTABLES -t nat -A PREROUTING -p tcp -i $IF --dport 25 -j DNAT --to 172.16.1.4:25
$IPTABLES -t nat -A PREROUTING -p tcp -i $IF --dport 110 -j DNAT --to 172.16.1.4:110
$IPTABLES -A FORWARD -p tcp -i $IF -o $IF -d 169.158.130.253 --dport 25 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -i $IF -o $IF -d 169.158.130.253 --dport 110 -j ACCEPT
$IPTABLES -t nat -A POSTROUTING -o $IF -j MASQUERADE
*******************
then do
telnet 169.158.130.253 25
from your client.

Best wishes,
 Maxim                            mailto:mak@rtsnet.ru