LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Modifying outgoing packets

[ILUG] Modifying outgoing packets

Adrian Flynn adrian.flynn at worldtravel.ie
Wed Sep 12 12:14:19 IST 2001 

Hi all

Could anyone advise how best to modify outgiong IP packets on a 2.2.16
machine (using ipchains)?
My ISP has moved my mail server which had a public static address, to a
private address, and set up a NAT on the firewall. This in itself is not a
problem, but a difficulty arises when my mail server attempts to send mail
to another NATed mail server within the ISP (many domains). A DNS lookup of
the MX records returns the public IP address which is unreachable from
within the private network. As far as I can see, there are a few options:
1.	Modify the mail server (Postfix) to do the MX lookup, and then check the
resulting IP address against a given list of mail servers known to the NATed
on our private network. If a match is found, then translate to private IP
address and continue as normal.
	I cannot find an option to do this in Postfix (smtp)

2.	Create 'dummy' local DNS MX entries for all domains which require
translation.
	This is messy and requires a lot of maintenance.

3.	Manipulate outgoing packets being sent to port 25 of the public IP
addresses for known mail servers on the NATed network, rewriting the
destination address to the private IP address. As far as I can tell, this is
what is known as DNAT in iptables, but this is a 2.2.16 machine so this is
not an option without a significant upgrade.

Does anyone have any ideas??

Thanks again

Adrian Flynn
World Travel Centre
35 Pearse Street
Dublin 2
Ireland
Ph +353-1-6717155
Fx +353-1-6777756
Email adrian.flynn at worldtravel.ie

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.274 / Virus Database: 144 - Release Date: 23/08/2001

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell