Linux Advanced Routing and Traffic Control list
* [LARTC] Routing Mail traffic problem !
@ 2005-05-12 14:03 Stanislav Nedelchev
  2005-05-12 14:47 ` Peter Surda
  2005-05-12 23:30 ` Francisco Pereira
  0 siblings, 2 replies; 3+ messages in thread
From: Stanislav Nedelchev @ 2005-05-12 14:03 UTC (permalink / raw)
  To: lartc

Ext1 - First Internet Line  - eth0
Ext2 - Second Internet line - eth2
LAN - Local Area Network - eth1


Other traffic - Ext1 -------+-------+--------------- Ext2 ---Web goes Here
		       eth0 |	    |eth2
			+-------+-------+
			|     ROUTER	|
			+----+------+---+
			        |eth1
192.168.0.0/24 -----------------+
				|
192.168.0.1/24------------------- - Gateway
				|
192.168.0.2/24------------------- - Mail.Mail.org


The problem is that I can't check e-mails if the server name in the e-mail
client is mail.mail.org.
I can check e-mail only if the server address is 192.168.0.2.

I have:
iptables -t mangle -I PREROUTING -i eth1 -s 192.168.0.0/24 -d mail.mail.org -p tcp --dport 110 -j MARK --set-mark 67
iptables -t mangle -I PREROUTING -i eth1 -s 192.168.0.0/24 -d mail.mail.org -p tcp --dport 25 -j MARK --set-mark 67

/sbin/ip route add 192.168.0.0/24 dev eth1 table natips
/sbin/ip route add 127.0.0.0/8 dev lo  scope link table natips
/sbin/ip route add default via 192.168.0.2 dev eth1 table natips
/sbin/ip route flush cache
/sbin/ip rule add fwmark 67 table mail


But it's not working.

root@fw:/usr/src/linux# ip rule list
0:      from all lookup local
32764:  from all fwmark 0x43 lookup mail
32765:  from all fwmark 0x42 lookup natips
32766:  from all lookup main
32767:  from all lookup default
root@fw:/usr/src/linux#


root@fw:/usr/src/linux# ip route list
192.168.0.2 dev eth1  scope link
213.91.108.248/29 dev eth0  proto kernel  scope link  src 213.91.108.250
213.91.108.248/29 dev ipsec0  proto kernel  scope link  src 213.91.108.250
217.30.248.0/24 dev eth2  proto kernel  scope link  src 217.30.248.135
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.1
192.168.0.0/16 via 213.91.208.249 dev ipsec0
127.0.0.0/8 dev lo  scope link
default via 213.91.108.249 dev eth0  metric 1
default via 217.30.248.1 dev eth2  metric 2




Any help is very appreciated.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc


* Re: [LARTC] Routing Mail traffic problem !
  2005-05-12 14:03 [LARTC] Routing Mail traffic problem ! Stanislav Nedelchev
@ 2005-05-12 14:47 ` Peter Surda
  2005-05-12 23:30 ` Francisco Pereira
  1 sibling, 0 replies; 3+ messages in thread
From: Peter Surda @ 2005-05-12 14:47 UTC (permalink / raw)
  To: lartc

On Thu, May 12, 2005 at 05:03:35PM +0300, Stanislav Nedelchev wrote:
> The problem is that I can't check e-mails if the server name in the e-mail client is
> mail.mail.org. I can check e-mail only if the server address is 192.168.0.2.
You don't do things like this with routing, but with NAT. More specifically,
you have to DNAT mail.mail.org to your private IP, and SNAT your LAN to the
public IP of the router (well, not necessarily that one but an external IP).

Supposing mail.mail.org resolves to 1.2.3.4, and your router is 1.2.3.5, you
do something like:

iptables -t nat -A PREROUTING -d 1.2.3.4 -j DNAT --to-destination 192.168.0.2
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -d 192.168.0.2 -j SNAT --to-source 1.2.3.5

Bye,

Peter Surda (Shurdeek) <shurdeek@routehat.org>, ICQ 10236103, +436505122023

-- 
                   three saints: looser & lamer & hacker
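
Added example (not part of the reply above or of any LARTC code): a shell helper that prints the DNAT + SNAT pair in iptables-restore format, scoped to the LAN interface and the two mail ports from the original post. The function names are hypothetical; 1.2.3.4 and 1.2.3.5 are the placeholder addresses used in the reply.

```shell
#!/bin/sh
# Added example: print hairpin-NAT rules in iptables-restore format.
# Function names are hypothetical; nothing here changes the running firewall.

# True if $1 is a dotted-quad IPv4 address with each octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots (only digits and dots get here)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: hairpin_nat_rules PUBLIC_IP SERVER_IP SNAT_IP LAN_CIDR LAN_IF PORT...
hairpin_nat_rules() {
    [ "$#" -ge 6 ] || { echo "need 5 parameters and at least one port" >&2; return 2; }
    pub=$1 srv=$2 snat=$3 lan=$4 lan_if=$5
    shift 5
    for ip in "$pub" "$srv" "$snat" "${lan%/*}"; do
        is_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 2; }
    done
    case "$lan_if" in ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $lan_if" >&2; return 2 ;; esac
    for port in "$@"; do
        case "$port" in ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 2 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
            { echo "bad port: $port" >&2; return 2; }
    done
    echo '*nat'
    for port in "$@"; do
        # LAN client connecting to the public address: send it to the private server.
        echo "-A PREROUTING -i $lan_if -s $lan -d $pub -p tcp --dport $port -j DNAT --to-destination $srv"
        # nat POSTROUTING sees the destination already rewritten by DNAT, so it
        # matches $srv. SNAT makes the server reply via the router, not straight
        # to the client, which would reject a reply from an address it never contacted.
        echo "-A POSTROUTING -o $lan_if -s $lan -d $srv -p tcp --dport $port -j SNAT --to-source $snat"
    done
    echo 'COMMIT'
}

# Placeholder addresses from the reply; eth1 and ports 25/110 from the original post.
hairpin_nat_rules 1.2.3.4 192.168.0.2 1.2.3.5 192.168.0.0/24 eth1 25 110
```

Review the printed fragment first; as root it can then be loaded with iptables-restore --noflush so existing rules are kept.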

* Re: [LARTC] Routing Mail traffic problem !
  2005-05-12 14:03 [LARTC] Routing Mail traffic problem ! Stanislav Nedelchev
  2005-05-12 14:47 ` Peter Surda
@ 2005-05-12 23:30 ` Francisco Pereira
  1 sibling, 0 replies; 3+ messages in thread
From: Francisco Pereira @ 2005-05-12 23:30 UTC (permalink / raw)
  To: lartc

Stanislav Nedelchev wrote:
> Ext1 - First Internet Line  - eth0
> Ext2 - Second Internet line - eth2
> LAN - Local Area Network - eth1
> 
> 
> Other traffic - Ext1 -------+-------+--------------- Ext2 ---Web goes Here
> 		       eth0 |	    |eth2
> 			+-------+-------+
> 			|     ROUTER	|
> 			+----+------+---+
> 			        |eth1
> 192.168.0.0/24 -----------------+
> 				|
> 192.168.0.1/24------------------- - Gateway
> 				|
> 192.168.0.2/24------------------- - Mail.Mail.org
> 
> 
> The problem is that I can't check e-mails if the server name in the e-mail
> client is mail.mail.org.
> I can check e-mail only if the server address is 192.168.0.2.

It seems like a name resolution problem.
Did you check that mail.mail.org resolves (from the client) to
192.168.0.2?

Regards,
Francisco.