[LARTC] Problems with netfilter

Nikhil Jogia Thu, 22 Jan 2004 00:56:38 -0800

Hi,

I have 2 internet connections (1 adsl/1 cable). I am try to route all
outgoing mail from the mail server (on the same box), through the ADSL
connection routing through the cable will mean mail will get rejected by AOL
:( I am using qmail as the mail server.


The configuration is:

eth0 : cable connection
ppp0 : adsl connection
eth2 : internal lan connection

I have configured split access as described in LARTC section 4.2.1, and that
is working fine, however, routing outgoing mail is proving to be elusive.

I have turned off reverse path filtering, and, have loaded probably every
netfilter related kernel module.

Here are some more information :

IPTABLES RULES (I did them for all interfaces to see if it worked - it
didnt.)

iptables -t mangle -A PREROUTING -p tcp -i eth0 --dport 25 -j
MARK --set-mark 1
iptables -t mangle -A PREROUTING -p tcp -i eth1 --dport 25 -j
MARK --set-mark 1
iptables -t mangle -A PREROUTING -p tcp -i eth2 --dport 25 -j
MARK --set-mark 1
iptables -t mangle -A PREROUTING -p tcp -i lo --dport 25 -j MARK --set-mark
1
iptables -t mangle -A PREROUTING -p tcp -i ppp0 --dport 25 -j
MARK --set-mark 1

iptables -L -v -t mangle

Chain PREROUTING (policy ACCEPT 89929 packets, 26M bytes)
 pkts bytes target     prot opt in     out     source
destination
    0     0 MARK       tcp  --  eth0   any     anywhere             anywhere
tcp dpt:smtp MARK set 0x1
    0     0 MARK       tcp  --  eth1   any     anywhere             anywhere
tcp dpt:smtp MARK set 0x1
   11  1204 MARK       tcp  --  eth2   any     anywhere             anywhere
tcp dpt:smtp MARK set 0x1
   26  2152 MARK       tcp  --  lo     any     anywhere             anywhere
tcp dpt:smtp MARK set 0x1
    0     0 MARK       tcp  --  ppp0   any     anywhere             anywhere
tcp dpt:smtp MARK set 0x1

ip route show

yyy.yyy.yyy.yyy dev ppp0  proto kernel  scope link  src xxx.xxx.xxx.xxx
zzz.zzz.zzz.zzz dev eth0  scope link  src zzz.zzz.zzz.zzz
192.168.0.0/24 dev eth2  scope link
zzz.zzz.zzz.zzz/22 dev eth0  proto kernel  scope link  src zzz.zzz.zzz.zzz
127.0.0.0/8 dev lo  scope link
default via zzz.zzz.zzz.zzz dev eth0

ip rule show

0:      from all lookup local
32755:  from xxx.xxx.xxx.xxx lookup T2
32756:  from zzz.zzz.zzz.zzz lookup T1
32760:  from all fwmark 0x1 lookup mail
32766:  from all lookup main
32767:  from all lookup 253

ip route show table mail

default via xxx.xxx.xxx.xxx dev ppp0


I feel that I have tried everything to get this to work - read the archives,
googled, played with a million iptables rules, iproutes and loaded kernel
modules - but to no avail!

rtacct shows nothing.

Using mandrake 9.2 btw.

Please help!!!
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.563 / Virus Database: 355 - Release Date: 17/01/2004

_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[LARTC] Problems with netfilter

Reply via email to