On Tuesday 14 April 2009 22:12:27 Support CETEMMSA wrote: > Virtual Mail Server > ETH0: 192.168.10.24 > GW: 192.168.10.1 > > Shorewall Firewall > ETH0: 192.168.10.1 > ETH1: 212.31.41.116 (IP ALIAS) and 212.31.41.88 > > When my mail server try to delivery an email to any external mail server > (hotmail, gmail, ...) this external mail server watch the internal IP and > refuse the mail because this is an internal IP. I need that the external > server watch the IP 212.31.41.116 instead of 192.168.10.24. I use DNAT for > any comupter watch the port 80, 25 and 110 from internet (using the > 212.31.41.116 IP ADDRESS).
Mmmh sorry but I don't think that you are experiencing problems with externals MTAs due to NAT, because your internal MTA is sending mails from a public IP address (I guess 212.31.41.88 which maybe is your default IP?), cause otherwise it wouldn't simply work: remote MTA would have no chance to communicate with a reserved private address as 192.168.10.24 is. Anyway, maybe what you're looking for is to edit /etc/shorewall/nat and put something like this: 212.31.41.116 eth0:0 192.168.10.24 yes which will NAT all the traffic from 192.168.10.24 to appear externally as being from 212.31.41.116, assuming eth0:0 is the alias you want. Obviously you have to open the communication with the correct rule in /etc/shorewall/rules HTH (and if I'm saying nonsenses, list please correct me, thanks :) -- Davide Ferrari Atrapalo.com System Administrator ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
