Redirecting mail

Ilo Lorusso sneak at ipnoc.co.za
Sat Apr 9 17:59:10 CEST 2005


Hi,
I would just like to confirm with you, if machine 192.168.16.56 is to on the 
same switch but 3 hops away will the method you describe still work?



----- Original Message ----- 
From: "Taylor, Grant" <gtaylor at riverviewtech.net>
To: "Ilo Lorusso" <sneak at ipnoc.co.za>; <netfilter at lists.netfilter.org>
Sent: Friday, April 08, 2005 9:29 PM
Subject: Re: Redirecting mail


> This mail server in question (172.20.128.56), is it just used for sending
> email from your internal network out to the world or are you expecting email
> from the world to come inbound to it too?  Are you wanting this mail server
> to continue using the internet connection that it has for all traffic except
> SMTP or are you wanting all outbound traffic to pass through 192.168.16.56?
>
> I would be tempted to use a combination of IPTables and IP routing rules.
> Namely I'd do something like the following on the mail server
> (172.20.128.56)
>
> iptables -t mangle -A OUTPUT -p tcp --sport 25 -j MARK --set-mark $SMTP_Mark
> ip route add table $IPRoute2_SMTP_Table 192.168.16.0/24 dev $DEV_of_internal_network src $IP_of_DEV_of_internal_network
> ip route add table $IPRoute2_SMTP_Table default via 192.168.16.56
> ip rule add fwmark $SMTP_Mark table $IPRoute2_SMTP_Table
>
> Where:
> $SMTP_Mark is the value you want to use to mark the packets that need to use
> the alternate route.
> $IPRoute2_SMTP_Table is the name as it appears in /etc/iproute2/rt_tables or
> the number of the table that you want to use.
> $DEV_of_internal_network is the device name of your internal network
> interface.
> $IP_of_DEV_of_internal_network is the IP address of the device name of your
> internal network interface.
>
> This should cause any traffic that leaves the mail server in question to
> pass through the alternate route out to the internet.  If you have any
> questions or need more help let me know and I'll see what I can do.
>
>
>
> Grant. . . .
> 
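An added example, not part of the original thread: a dry-run generator for the fwmark policy-routing commands quoted above. It refuses to emit them when the gateway is outside the directly connected subnet, because a `via` next hop is only accepted if it is on-link. The mark value, table name, device and source address in the sample call are constructed; the `--sport 25` match is kept as quoted, and the mark is set in the mangle table, the only table where the MARK target is valid.

```shell
#!/bin/sh
# Added example: prints the commands only, changes nothing on the host.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Return 0 if address $1 lies inside CIDR $2 (e.g. 192.168.16.0/24).
in_cidr() {
    local net=${2%/*} len=${2#*/} mask
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Args: mark, table, on-link CIDR, device, source IP, gateway.
# Simplification: "on-link" is judged against the one CIDR passed in,
# not against the host's live routing table.
smtp_policy_route() {
    local mark=$1 table=$2 cidr=$3 dev=$4 src=$5 gw=$6
    if ! in_cidr "$gw" "$cidr"; then
        echo "gateway $gw is not on-link in $cidr; 'default via' would be rejected" >&2
        return 1
    fi
    cat <<EOF
iptables -t mangle -A OUTPUT -p tcp --sport 25 -j MARK --set-mark $mark
ip route add table $table $cidr dev $dev src $src
ip route add table $table default via $gw
ip rule add fwmark $mark table $table
EOF
}

# Sample call with constructed values (mark 25, table "smtp", eth1, .10 source).
smtp_policy_route 25 smtp 192.168.16.0/24 eth1 192.168.16.10 192.168.16.56
```

What decides whether the route installs is IP-layer adjacency to 192.168.16.56, not the number of switches between the two hosts.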



