Andreas Onderka escribió: > Hello > > Pascal Hambourg schrieb: >> Hello, >> >> Jason Voorhees a écrit : >>> >>> I have a linux box with multiple ip addresses: >>> >>> eth0 -> IP1 >>> eth0:0 -> IP2 >>> eth0:1 -> IP3 >>> eth0:2 -> IP4 >>> >>> All outgoing traffic is using IP1 as source address. But now I want >>> to use a different IP address (IP1, IP2, IP3 or IP4) as the source >>> address for all smtp outgoing packets locally generated in my linux >>> box. >>> >>> I decided to mark such packets like this: >>> >>> iptables -t mangle -A PREROUTING -p tcp --dport 25 -j MARK >>> --set-mark 0x19 >> >> This won't help for two reasons. First, the PREROUTING chains only >> catch incoming packets, not locally genenerated packets (except on >> the loopback interface). Locally genenerated packets hit the OUTPUT >> and POSTROUTING chains. Second, source address selection occurs >> before the packet hits the iptables chains, so mark-based routing can >> only change the output interface and next hop, not the source address. >> >> You have two options. Set the desired source address in the SMTP >> applications if such option is available. Or use an iptables rule >> with the SNAT target in the POSTROUTING chain to change the source >> address of outgoing SMTP packets. >> >> > > Think also an iptablerule is much more easyer. > iptables -t nat -A POSTROUTING -p tcp -o <extIF> --sport 25 -j SNAT > --to-source <IP2> Don't forget that the SNAT target is for static ip.
Otherwise, you should use MASQUERADE if you are on a dynamic IP address. Greetings, -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
