[afnog] SMTP Traffic Redirect

Chris Wilson chris+afnog at aptivate.org
Thu Jun 17 14:47:23 UTC 2010


Hi Christian,

On Thu, 17 Jun 2010, Christian Muhirwa wrote:

> I went with option 3, setting up a gre tunnel between the smtp server 
> and the router, and using route-map, changed the next hop ip address. 
> All smtp traffic is being redirected however it is being dropped at the 
> smtp server point. I imagine it's due to the fact that the destination 
> IP address is different from the server's. I used iptables (iptables -t 
> nat -A PREROUTING -i gretunnel0 -p tcp --dport 25 -j DNAT --to 
> 127.0.0.1:25) but still it is being dropped.

I don't think you can DNAT to the localhost IP. Please use either another 
IP on the same mail server, or use REDIRECT instead of DNAT.

If that doesn't help, please examine the traffic coming in on the GRE 
tunnel with tcpdump to see if you can identify what's happening to it, and 
check with "iptables -t nat -L -nv" that your rule is actually being hit.

Cheers, Chris.
-- 
Aptivate | http://www.aptivate.org | Phone: +44 1223 760887
The Humanitarian Centre, Fenner's, Gresham Road, Cambridge CB1 2ES

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.
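
The rule change and counter check suggested in the reply above, as an added shell example that is not part of the original thread: `apply_redirect` swaps the DNAT-to-loopback rule for REDIRECT, and `rule_hits`/`diagnose` read an `iptables -t nat -L -nv` listing to tell whether the rule exists and is matching packets. The function names and the sample listing are constructed; `gretunnel0` and port 25 are taken from the thread.

```shell
#!/bin/sh
# Added example; gretunnel0 and port 25 come from the thread, everything
# else (function names, sample listing) is constructed for illustration.

# Replace the DNAT-to-loopback rule with REDIRECT. Needs root; call by hand.
apply_redirect() {
    iptables -t nat -D PREROUTING -i gretunnel0 -p tcp --dport 25 \
        -j DNAT --to 127.0.0.1:25 2>/dev/null || true
    iptables -t nat -A PREROUTING -i gretunnel0 -p tcp --dport 25 \
        -j REDIRECT --to-ports 25
}

# Constructed sample of "iptables -t nat -L PREROUTING -nv" output.
SAMPLE_LISTING='Chain PREROUTING (policy ACCEPT 1523 packets, 98K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       tcp  --  gretunnel0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25 to:127.0.0.1:25
   42  2520 REDIRECT   tcp  --  gretunnel0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25 redir ports 25'

# rule_hits TARGET IFACE PORT < listing
# Prints the summed packet counter of matching rules, or "absent".
# Large counters are abbreviated (e.g. 98K) unless iptables is run with -x.
rule_hits() {
    awk -v t="$1" -v i="$2" -v p="dpt:$3" '
        $3 == t && $6 == i {
            for (n = 10; n <= NF; n++)
                if ($n == p) { sum += $1; found = 1 }
        }
        END { if (found) print sum + 0; else print "absent" }'
}

# diagnose < listing : classify the REDIRECT rule for SMTP on the tunnel.
diagnose() {
    case "$(rule_hits REDIRECT gretunnel0 25)" in
        absent) echo "no-rule" ;;       # rule was never installed
        0)      echo "rule-not-hit" ;;  # nothing matched: inspect with tcpdump
        *)      echo "rule-hit" ;;      # NAT matched: look past the nat table
    esac
}

# Live use (root): iptables -t nat -L PREROUTING -nv | diagnose
printf '%s\n' "$SAMPLE_LISTING" | diagnose
```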


