The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
--- Begin Message ---
Would it make sense to turn on a mark as the 2nd line of zone_wan_prerouting 
and then clear it just before we fall out the bottom?



> On Nov 10, 2024, at 2:53 PM, Paul D <newt...@gmail.com> wrote:
> 
> Shooting from the hip a bit here, but how about a fwmark?
> 
> 
> # set mark for remapped traffic
> iptables -t mangle -A PREROUTING -p tcp --dport 23 -m conntrack --ctstate DNAT -j MARK --set-mark <mark>
> 
> # apply tarpit if not remapped
> iptables -A INPUT -p tcp --dport 23 -m mark ! --mark <mark> -j TARPIT
> 
> 
> 
> On 2024-11-10 21:49, Philip Prindeville wrote:
>> Hi,
>> 
>> I’m still using firewall3 (yeah, yeah, I know).
>> 
>> I remap certain ports, and I TARPIT them on the well-known service port, but 
>> that’s also catching the remapped destination port.
>> 
>> For instance, let’s say I run Telnet (I don’t, but we’ll use it as an 
>> example) from 2300 to 23.  I want to TARPIT traffic arriving (unmapped) on 
>> 23, but traffic remapped from 2300 to 23 I don’t want to TARPIT.
>> 
>> How do I differentiate these in the rules?  I thought the MARK might give a 
>> hint but it doesn’t.
>> 
>> Is there another attribute I can use?
>> 
>> Thanks,
>> 
>> -Philip
>> 
>> 



--- End Message ---
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
