[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Diverting smtp traffic

Hello Jeremy 

On 14 Feb 2002, at 9:14, Jeremy C. Reed wrote:

> > old server directly to the new one.  I have tried  "ipmasqadm --
> > portfw" but there is no masquerading involved and it does not work. 
> Does not work? (Show us.)

This machine has two network cards, one with masquerading onto 
a private LAN.  However the second mail server is on the public 

There is already forwarding of certain ports to machines inside the 
LAN, which works perfectly.  So the kernel must have all the correct 
options compiled into it.


>  Try something like:
>  ipmasqadm portfw -a -P tcp -L 25 -R 25

This is exactly what I am running, but it does not work. (It would work 
if the redirected IP was already being masqueraded.)




    Port forwarding uses the existing masquerading scheme to do all
    the rewriting of packets. The masquerading table (what you see
    when you type netstat -M or ipfwadm -M -l) is setup as if the
    connection started internally. 


Which may give a clue why it does not work on IP's for which there 
is no masquerading configured.

> Your remote interface needs to listen on the original IP too.

Yes, I have checked that.

It seems I will have to upgrade to kernel 2.4.  

I thought there might be an inetd replacement that could do this 
(with correction of the source address IP).

As this is an old stable machine, and I don't want to fiddle too much, 
I think I will try another option - updating the mail server 
configuration to match that on our main server.



Ian Forbes ZSD
Office: +27 21 683-1388  Fax: +27 21 674-1106
Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa

Reply to: