saz wrote:
> Hi guys, I'm trying to make a port redirection using iproute together with
> the iptables mangle option, but for some strange reason it is not working yet. I know
> I can do it in a different way, but the idea is to use packet marking and redirect
> the packets with a rule.
>
> I have two computers PC1 and PC2
>
> PC1: 192.168.0.1 this is the one connected to internet, and this machine makes the redirection
> PC2: 192.168.0.2 this is the smtp server
>
> So this is what I do on PC1:
>
> First I mark all the incoming packets for port 25 with "1":
>
> iptables -t mangle -A PREROUTING -p tcp --dport 25 -j MARK --set-mark 1
>
> Then I create a table called smtp:
>
> echo 200 smtp >> /etc/iproute2/rt_tables
>
> After that I set PC2 as the default via for my smtp table:
>
> ip route add default via 192.168.0.2 table smtp
>
> And finally I make the rule for the smtp table:
>
> ip rule add fwmark 1 table smtp
>
> This should work, but it is not redirecting anything...
>
> I can see that it is marking the packets with 1 using the command
> iptables -t mangle -L PREROUTING -v but it is not working. Can anyone help me?

I am not sure, but I think your rules will just make smtp packets try to
use 192.168.0.2 as a gateway rather than whatever your normal gateway
is. I guess you really need to DNAT them to 192.168.0.2 using iptables.

Andy.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
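
Added example, not part of the original thread: a small Python model of PC1's rule and table lookup, comparing the fwmark setup from the question with the DNAT approach suggested in the reply. The 203.0.113.x and 198.51.100.x addresses are constructed (the thread does not give PC1's internet-facing address), and the rule priorities shown are the Linux defaults.

```python
import ipaddress

# PC1's routing tables as (prefix, action). Addresses in 203.0.113.0/24 are
# constructed: the thread does not give PC1's internet-facing address.
TABLES = {
    "local": [("203.0.113.10/32", "deliver locally"),
              ("192.168.0.1/32", "deliver locally")],
    "smtp": [("0.0.0.0/0", "via 192.168.0.2")],   # ip route add default via 192.168.0.2 table smtp
    "main": [("192.168.0.0/24", "on-link"),
             ("0.0.0.0/0", "via 203.0.113.1")],
}
# ip rule list as (priority, fwmark or None, table); "local" is always consulted first.
RULES = [(0, None, "local"), (32765, 1, "smtp"), (32766, None, "main")]


def route(dst, mark):
    """Walk the rules in priority order; the first table with a matching route wins."""
    addr = ipaddress.ip_address(dst)
    for _prio, want_mark, table in sorted(RULES, key=lambda r: r[0]):
        if want_mark is not None and want_mark != mark:
            continue
        hits = [(ipaddress.ip_network(p), act) for p, act in TABLES[table]
                if addr in ipaddress.ip_network(p)]
        if hits:
            return table, max(hits, key=lambda h: h[0].prefixlen)[1]  # longest prefix
    return None, "unreachable"


def prerouting(dst, dport, set_mark=False, dnat_to=None):
    """Model mangle PREROUTING (MARK), then nat PREROUTING (DNAT), then routing."""
    mark = 1 if (set_mark and dport == 25) else 0   # -j MARK --set-mark 1
    if dnat_to and dport == 25:
        dst = dnat_to                               # -j DNAT --to-destination
    table, action = route(dst, mark)
    return dst, table, action


if __name__ == "__main__":
    # Constructed packets: SMTP to PC1 itself, then SMTP passing through PC1.
    print("mark, to PC1:   ", prerouting("203.0.113.10", 25, set_mark=True))
    print("mark, transit:  ", prerouting("198.51.100.25", 25, set_mark=True))
    print("DNAT, to PC1:   ", prerouting("203.0.113.10", 25, dnat_to="192.168.0.2"))
```

In the two marked cases the destination address is never rewritten: SMTP addressed to PC1 matches the local table before the fwmark rule is reached, and transit SMTP is handed to 192.168.0.2 as a next hop while still addressed to another host. Only the DNAT case produces a packet addressed to 192.168.0.2, which the main table then forwards on the LAN.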