Hi,
I am trying to set up a firewall rule so calls to old_mailserver:25 get
redirected to localhost:25. I have seen quite a few rules and none seem
to work.
I have tried with the firewall enabled (configured to allow smtp) and
disabled, but it doesn't seem to make a difference.
One of the commands I have been using is:
/sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32
--dport 25 -j REDIRECT --to 127.0.0.1:25
Am I missing anything?
Thanks
Gabriel
___________________________________________________________
Yahoo! Mail is the world's favourite email. Don't settle for less, sign
up for
your free account today
http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html
Hi, Try this: iptables -t nat -A PREROUTING -p tcp -d old_mailserver_ip --destination-port 25 -j DNAT --to-destination 127.0.0.1:25 first last wrote:> Hi, > > I am trying to set up a firewall rule so calls to old_mailserver:25 get > redirected to localhost:25. I have seen quite a few rules and none seem > to work. > > I have tried with the firewall enabled (configured to allow smtp) and > disabled, but it doesn't seem to make a difference. > > One of the commands I have been using is: > /sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32 > --dport 25 -j REDIRECT --to 127.0.0.1:25 > > Am I missing anything? > > Thanks > > Gabriel > > > ___________________________________________________________ > Yahoo! Mail is the world's favourite email. Don't settle for less, sign up for > your free account today http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >
On Mon, Jun 18, 2007 at 11:46:42AM +0100, first last wrote:> Hi, > > I am trying to set up a firewall rule so calls to old_mailserver:25 get > redirected to localhost:25. I have seen quite a few rules and none seem > to work. > > I have tried with the firewall enabled (configured to allow smtp) and > disabled, but it doesn't seem to make a difference. > > One of the commands I have been using is: > /sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32 > --dport 25 -j REDIRECT --to 127.0.0.1:25Try this: iptables -t nat -I PREROUTING -p tcp -d old_mail_server_ip --dport 25 \ -j REDIRECT iptables -t nat -I OUTPUT -p tcp -d old_mail_server_ip --dport 25 \ -j REDIRECT> Am I missing anything?Locally generated packets go through OUTPUT, but not PREROUTING, IIRC. -- lfr 0/0 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20070618/7293f2b2/attachment-0001.sig>
first last
2007-Jun-18 11:36 UTC
[CentOS] OT - IP Tables - forwarding to localhost - WORKS!!
--- Luciano Rocha <strange at nsk.no-ip.org> wrote:> On Mon, Jun 18, 2007 at 11:46:42AM +0100, first last wrote: > > Hi, > > > > I am trying to set up a firewall rule so calls to old_mailserver:25 > get > > redirected to localhost:25. I have seen quite a few rules and none > seem > > to work. > > > > I have tried with the firewall enabled (configured to allow smtp) > and > > disabled, but it doesn't seem to make a difference. > > > > One of the commands I have been using is: > > /sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32 > > --dport 25 -j REDIRECT --to 127.0.0.1:25 > > Try this: > iptables -t nat -I PREROUTING -p tcp -d old_mail_server_ip --dport 25 > \ > -j REDIRECT > iptables -t nat -I OUTPUT -p tcp -d old_mail_server_ip --dport 25 \ > -j REDIRECTThanks, this worked! This just saved me a reboot on the production servers :) Thanks to all who responded. Gabriel ___________________________________________________________ Yahoo! Answers - Got a question? Someone out there knows the answer. Try it now. http://uk.answers.yahoo.com/