[plug] NAT port forward problem
Cameron Patrick
cameron at patrick.wattle.id.au
Tue Sep 18 20:29:22 WST 2007
Adrian Chadd wrote:
> It's a multi-step process:
>
> * tag the packets in iptables;
> * set up policy routing in iproute2 to select a different routing table based on
> the marking you did in step 1;
> * configure your mail server to intercept the packets coming to it on port 25
It's definitely possible (or used to be) using less evil than that. I
seem to recall a different iptables target that you could use to force
the kernel to create a new connection that appeared to originate from
the firewall machine; failing that, you could always use -j REDIRECT to
a local port and do the forwarding in user space...
Cameron
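
A sketch of the "-j REDIRECT to a local port and do the forwarding in user space" option mentioned above, as an added example that is not part of the original post: a small TCP relay that accepts the redirected connection and opens a fresh one to the mail server. The listening port 2525, the backend address 192.0.2.10 and the iptables rule in the comment are assumptions for illustration.

```python
import socket
import threading

# Assumed firewall rule feeding this relay (port 2525 is an assumption):
#   iptables -t nat -A PREROUTING -p tcp --dport 25 -j REDIRECT --to-ports 2525

def pump(src, dst):
    """Copy bytes from src to dst until EOF, then half-close dst."""
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def handle(client, backend_addr):
    """Open a new connection to the backend and relay both directions."""
    try:
        backend = socket.create_connection(backend_addr, timeout=10)
    except OSError:
        client.close()
        return
    backend.settimeout(None)  # the timeout applies to connect only
    back = threading.Thread(target=pump, args=(backend, client), daemon=True)
    back.start()
    pump(client, backend)
    back.join()
    client.close()
    backend.close()

def serve(listen_addr, backend_addr):
    """Start accepting in a background thread; return the listening socket."""
    srv = socket.create_server(listen_addr)
    def loop():
        while True:
            try:
                client, _peer = srv.accept()
            except OSError:
                return  # listening socket was closed
            threading.Thread(target=handle, args=(client, backend_addr), daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()
    return srv

if __name__ == "__main__":
    serve(("0.0.0.0", 2525), ("192.0.2.10", 25))  # placeholder backend address
    threading.Event().wait()
```

Because the relay opens its own connection, the mail server sees the firewall's address as the peer for every message, so any IP-based relay permissions, rate limits or log analysis on the mail server no longer see the real client.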