On Tue, 28 Jan 2003, Greg Pascual wrote:

> hello guys!!! Can someone help me on my problem
> regarding iptables???
>
> This has been my problem a month now.. I'm running a
> redhat 7.3 firewall server with two NICs; eth0 facing
> the internal network (192.168.0.x) and eth1 facing the
> internet (external network). Now I wish to forward all
> traffic on eth1, port 25 to another to my mail server
> (say, 192.168.0.2). I did something like:
>
> iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
> iptables -A FORWARD -p tcp --dport 25 -d 192.168.0.2 -j ACCEPT
> iptables -A PREROUTING -t nat -p tcp --dport 25 -d x.x.x.x -j DNAT --to 192.168.0.2
>

AFAIK, I believe this will not work, as you are trying to mix setting up a TCP listening service on your box with IP FORWARDING/NAT. You don't need to use iptables for that; you need a TCP forwarder like in.tproxyd or balance, which will forward traffic going to your box going to your internal mailhost.

I'd go a bit further in that I'd install postfix with header/body filters and anti-virus scanning so that the mail going into your internal server is filtered in one way or another.

Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
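
A user-space TCP forwarder of the kind the reply suggests, as an added example that is not part of the original thread and is not the code of in.tproxyd or balance. The function names (`pump`, `handle`, `start_relay`) are hypothetical, and the listen address in the demo is an assumption; 192.168.0.2 is the mail server address from the question.

```python
import socket
import threading

def pump(src, dst):
    """Copy bytes from src to dst until src reaches EOF, then half-close dst."""
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    except OSError:
        pass
    try:
        dst.shutdown(socket.SHUT_WR)  # pass the EOF on to the other side
    except OSError:
        pass

def handle(client, backend_addr):
    """Open a second TCP connection to the backend and splice the two together."""
    # Unlike a NAT rule, the relay terminates the client's connection, so the
    # mail server logs the relay's address as the source of every message.
    try:
        backend = socket.create_connection(backend_addr, timeout=10)
    except OSError:
        client.close()
        return
    backend.settimeout(None)
    back = threading.Thread(target=pump, args=(backend, client), daemon=True)
    back.start()
    pump(client, backend)
    back.join()
    client.close()
    backend.close()

def start_relay(listen_addr, backend_addr):
    """Listen on listen_addr and relay each connection; returns the bound address."""
    srv = socket.create_server(listen_addr)
    def accept_loop():
        while True:
            client, _peer = srv.accept()
            threading.Thread(target=handle, args=(client, backend_addr),
                             daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv.getsockname()

if __name__ == "__main__":
    # Assumed demo values: binding port 25 needs root on the firewall box.
    print("relaying on", start_relay(("0.0.0.0", 25), ("192.168.0.2", 25)))
    threading.Event().wait()
```

Because the mail server only ever sees the relay as its peer, any IP-based access control or spam scoring has to happen on the relay host, not on the internal server.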
