Re: [LARTC] why fwmark don't work

2005-02-07 Thread Andy Furniss
saz wrote:
> Hi guys, I'm trying to do a port redirection using iproute together with
> the iptables mangle option, but for some strange reason it is not working
> yet. I know I can do it in a different way, but the idea is to use packet
> marking and redirect the packets with a rule.
> I have two computers, PC1 and PC2.
> PC1: 192.168.0.1, this is the one connected to the internet, and this
> machine makes the redirection.
> PC2: 192.168.0.2, this is the SMTP server.
> So this is what I do on PC1:
> First I mark all the incoming packets for port 25 with "1":
> iptables -t mangle -A PREROUTING -p tcp --dport 25 -j MARK --set-mark 1
> Then I create a table called smtp:
> echo 200 smtp >> /etc/iproute2/rt_tables
> After that I set PC2 as the default via for my smtp table:
> ip route add default via 192.168.0.2 table smtp
> And finally I make the rule for the smtp table:
> ip rule add fwmark 1 table smtp
> This would have to work, but it is not redirecting anything...
> I can see that it is marking the packets with 1 using the command
> iptables -t mangle -L PREROUTING -v, but it is not working. Can anyone
> help me?

I am not sure, but I think your rules will just make smtp packets try to
use 192.168.0.2 as a gateway rather than whatever your normal gateway
is. I guess you really need to DNAT them to 192.168.0.2 using iptables.

Andy.
___
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
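
Added example, not part of either message: a sketch of the DNAT approach suggested in the reply above, for PC1. The interface name eth0 and the address 203.0.113.10 are assumptions standing in for PC1's internet-facing interface and public address, and PC2 is assumed to route its replies back through PC1; the script only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example: DNAT inbound SMTP on PC1 (192.168.0.1) to PC2 (192.168.0.2).
# Marking plus "ip rule" only selects a next hop; the destination address in
# the packet stays the same. DNAT rewrites the destination itself.
# Dry run by default: commands are printed. Run as root with APPLY=1 to execute.

EXT_IF="${EXT_IF:-eth0}"               # assumption: PC1's internet-facing interface
EXT_IP="${EXT_IP:-203.0.113.10}"       # constructed placeholder for PC1's public address
SMTP_HOST="${SMTP_HOST:-192.168.0.2}"  # PC2, from the post
SMTP_PORT=25

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

smtp_dnat_rules() {
    # PC1 must forward packets between its interfaces.
    run sysctl -w net.ipv4.ip_forward=1

    # Rewrite the destination only for SMTP that arrives from outside and is
    # addressed to PC1 itself, so port 25 traffic leaving the LAN is untouched.
    run iptables -t nat -A PREROUTING -i "$EXT_IF" -d "$EXT_IP" \
        -p tcp --dport "$SMTP_PORT" -j DNAT --to-destination "$SMTP_HOST:$SMTP_PORT"

    # Permit the translated connections towards PC2 ...
    run iptables -A FORWARD -i "$EXT_IF" -d "$SMTP_HOST" -p tcp --dport "$SMTP_PORT" \
        -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
    # ... and only reply traffic on the way back out.
    run iptables -A FORWARD -o "$EXT_IF" -s "$SMTP_HOST" -p tcp --sport "$SMTP_PORT" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

smtp_dnat_rules

# To check after applying: the packet counters on the DNAT rule should rise
# when a connection comes in.
#   iptables -t nat -L PREROUTING -v -n
```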


[LARTC] why fwmark don't work

2005-02-03 Thread saz



Hi guys, I'm trying to do a port redirection using iproute together with
the iptables mangle option, but for some strange reason it is not working
yet. I know I can do it in a different way, but the idea is to use packet
marking and redirect the packets with a rule.

I have two computers, PC1 and PC2.

PC1: 192.168.0.1, this is the one connected to the internet, and this
machine makes the redirection.
PC2: 192.168.0.2, this is the SMTP server.

So this is what I do on PC1:

First I mark all the incoming packets for port 25 with "1":

iptables -t mangle -A PREROUTING -p tcp --dport 25 -j MARK --set-mark 1

Then I create a table called smtp:

echo 200 smtp >> /etc/iproute2/rt_tables

After that I set PC2 as the default via for my smtp table:

ip route add default via 192.168.0.2 table smtp

And finally I make the rule for the smtp table:

ip rule add fwmark 1 table smtp

This would have to work, but it is not redirecting anything...

I can see that it is marking the packets with 1 using the command
iptables -t mangle -L PREROUTING -v, but it is not working. Can anyone
help me?