On Thursday 16 May 2002 9:12 am, Eugene Joubert wrote:

> Hi,
>
> I use this script:
>
> iptables -t nat -A PREROUTING -p tcp -i eth0 -d EXTIP -s 0/0 --dport 25 -j DNAT --to intip
>
> iptables -A FORWARD -p tcp -i eth0 -o eth1 -m state --state NEW,ESTABLISHED,RELATED -d intip --dport 25 -j ACCEPT
>
> I am thinking a routing problem cause I have tried just about everything I
> know. Using tcpdump I can see that packet coming in and being forwarded to
> my intip and port 25. That's as far as I get....

Are you saying that tcpdump shows you the packet going to the mail server, but doesn't show a reply coming back again?

If so, you need to check the routing on your mail server - does it know to use the firewall's internal IP as the gateway address to the rest of the world?

Hope this helps,

Antony.
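
An added example, not part of either message: a shell helper for the routing check suggested in the reply, meant to be run on the mail server. It classifies the output of `ip route get <client address>` against the firewall's internal IP; the function name, the 192.168.1.x and 203.0.113.7 addresses and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify where the mail server would send its reply.
# Usage on the mail server (addresses are placeholders):
#   classify_reply_route FIREWALL_INTERNAL_IP "$(ip route get CLIENT_IP)"

classify_reply_route() {
    fw_ip=$1        # firewall's internal address (assumed known)
    route_out=$2    # text printed by `ip route get <client address>`

    # Failure text from ip(8), or nothing at all: no usable route.
    case $route_out in
        *unreachable*|*prohibited*|"")
            echo "no-route"; return 0 ;;
    esac

    # Extract the word following "via" on the first line, if any.
    gw=$(printf '%s\n' "$route_out" | awk 'NR == 1 {
        for (i = 1; i < NF; i++) if ($i == "via") { print $(i + 1); exit }
    }')

    if [ -z "$gw" ]; then
        # No gateway: the server treats the client as directly attached.
        echo "on-link"
    elif [ "$gw" = "$fw_ip" ]; then
        # Reply goes back through the firewall, which can reverse the DNAT.
        echo "via-firewall"
    else
        # Reply leaves through another router and bypasses the NAT box.
        echo "via-other:$gw"
    fi
}

# Constructed sample outputs (documentation addresses, not from the post).
SAMPLE_OK='203.0.113.7 via 192.168.1.1 dev eth0 src 192.168.1.25'
SAMPLE_OTHER='203.0.113.7 via 192.168.1.254 dev eth0 src 192.168.1.25'
SAMPLE_ONLINK='203.0.113.7 dev eth0 src 192.168.1.25'
SAMPLE_NONE='RTNETLINK answers: Network is unreachable'

for s in "$SAMPLE_OK" "$SAMPLE_OTHER" "$SAMPLE_ONLINK" "$SAMPLE_NONE"; do
    classify_reply_route 192.168.1.1 "$s"
done
```

Any result other than `via-firewall` means the reply does not pass back through the machine that performed the DNAT, so the translation is never reversed for the client.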
