Re: Redirecting mail - Ilo Lorusso

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: "Ilo Lorusso" <sneak@ipnoc.co.za>
To: Rob Sterenborg <rob@sterenborg.info>
Cc: netfilter@lists.netfilter.org
Subject: Re: Redirecting mail
Date: Fri, 8 Apr 2005 13:43:45 +0200	[thread overview]
Message-ID: <001801c53c30$386ecf10$648045ac@sneak> (raw)
In-Reply-To: MS_LEU1tDJt12e1s8HA000007ef@smtp.ttp.nl

this is strange...


Ive got another mailserver 172.24.128.56 ..
now if I put that rule in

 iptables -t nat -A OUTPUT -p tcp -m multiport --dports smtp  -j 
DNAT --to-destination 192.168.12.56

and if I try telnet to any mail server on the internet , i connect to 
192.168.12.56 (Which should happen on 172.20.128.56)

[root@poscpt0h01 root]# telnet 196.31.155.18 25
Trying 196.31.155.18...
Connected to 196.31.155.18.
Escape character is '^]'.
220 prxsaa0z02.ipnetwork.co.za ESMTP Sendmail 8.12.8/8.12.8; Fri, 8 Apr 2005 
17:30:45 +0200


is there noway to make it connect directly to 196.31.155.18, but using 
192.168.12.56 as a gateway





----- Original Message ----- 
From: "Rob Sterenborg" <rob@sterenborg.info>
To: <netfilter@lists.netfilter.org>
Sent: Friday, April 08, 2005 12:58 PM
Subject: RE: Redirecting mail


>> Now what i would like to know is there a way I could route
>> all out going mail from 172.20.128.56 to 192.168.16.56 using
>> iptables DNAT.
>>
>> First of all, is it possible to do what I want to do? and
>
> The networks seem to be connected, so can't you just configure a
> smtp-forwarder in your MTA configuration ? That would be easier I think.
>
>> would I use iptables or iptables with something else?
>
> No, just iptables would be enough.
>
>> This is what ive tried...
>>
>> on 172.20.128.56 (Red Hat Linux release 7.3)
>> i issue the command  :
>> iptables -t nat -A OUTPUT -p tcp -m multiport --dports smtp
>> -j DNAT --to-destination 192.168.12.56
>
> There is no need to use multiport because you only DNAT 1 port : smtp.
> But that should not be a problem.
>
> iptables -t nat -A OUTPUT -p tcp --dports smtp \
> -j DNAT --to-destination 192.168.12.56
>
>> now when im on 192.168.12.56 (Red Hat Linux release 9 (Shrike) )
>> and do a tcpdump greping for smtp I see connections from 172.20.128.56
>> but not exactly sure what its doing.. but what i know, from
>> 172.20.128.56 I cant make smtp connections out to the internet..
>
> A few obvious tests :
> Do you see mail coming in from 172.20.128.56 into the queue of
> 192.168.12.56 ?
> Is mail from 172.20.128.56 "for the internet" being delivered ?
>
> If it's not working, do you have other iptables rules that prohibit this
> from working ?
>
>
> Gr,
> Rob
>
>
>
>
> ********* DISCLAIMER *********
> De informatie in dit E-mail bericht is uitsluitend bestemd voor de 
> geadresseerde. Verstrekking aan en gebruik door anderen is niet 
> toegestaan.
> Door de elektronische verzending van het bericht kunnen er geen rechten 
> worden ontleend aan de informatie. TTP staat niet in voor de juiste en 
> volledige overbrenging van de inhoud van een verzonden E-mail, noch voor 
> tijdige ontvangst daarvan.
>
>

next prev parent reply	other threads:[~2005-04-08 11:43 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-04-08 10:26 Redirecting mail Ilo Lorusso
2005-04-08 10:58 ` Rob Sterenborg
2005-04-08 11:38   ` Ilo Lorusso
2005-04-08 12:06     ` Rob Sterenborg
2005-04-08 18:57     ` Taylor, Grant
2005-04-08 11:43   ` Ilo Lorusso [this message]
2005-04-08 19:29 ` Taylor, Grant
2005-04-09 15:59   ` Ilo Lorusso
2005-04-09 18:58     ` Grant Taylor
2005-04-11 15:05       ` Ilo Lorusso

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='001801c53c30$386ecf10$648045ac@sneak' \
    --to=sneak@ipnoc.co.za \
    --cc=netfilter@lists.netfilter.org \
    --cc=rob@sterenborg.info \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox