Hi,

On Mon, Jan 19, 2009 at 09:58, Thom Paine <painethom@xxxxxxxxx> wrote:
> I think option 2 will work best for me. The box and connection on
> y.y.y.y is strictly for communicating with this other mail server I
> need to relay out, and receive only patient records mail from. If I
> rewrite the packets to appear to be from 10.10.10.4 I think this will
> work.
>
> What would the best option for this be? I'm thinking I will have to
> stop using the gshield firewall that I used to use, and just write the
> rules manually in iptables because there will only be 1/2 a dozen or
> so and once they are written, they will be permanent.

I don't know gshield, but I think that if it supports port forwarding
it will probably support rewriting the source address too.

If you want to implement it with iptables, this page has exactly what
you need to do it:

http://kreiger.linuxgods.com/kiki/?Port+forwarding+with+netfilter

The key part in your case is "The POSTROUTING SNAT rule in the
nat-table (optional)", which is what you need to make it look like
it's coming from 10.10.0.4.

Let us know how that goes!

HTH,
Filipe
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
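
The rule set the reply describes (DNAT in PREROUTING, a FORWARD accept, and the POSTROUTING SNAT), sketched as an added example that is not from the thread or the linked page. The peer address, internal mail server address and port are assumptions, `y.y.y.y` stays masked as in the thread, and 10.10.10.4 is the source address from the quoted question. The script only prints the commands so they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example: print (do not apply) the rules for a port forward whose
# source address is rewritten. Every value below is an assumption or a
# placeholder; replace them before use.
PEER_IP="192.0.2.25"    # assumed: the remote mail server (documentation range)
EXT_IP="y.y.y.y"        # external address, masked in the thread
MAIL_IP="10.10.10.20"   # assumed: internal mail server receiving the relay
SNAT_IP="10.10.10.4"    # address the packets should appear to come from
PORT=25                 # assumed: SMTP

build_rules() {
    # 1. DNAT: only traffic from the known peer to the external address
    #    is redirected, so the forward is not open to other senders.
    echo "iptables -t nat -A PREROUTING -s $PEER_IP -d $EXT_IP -p tcp --dport $PORT -j DNAT --to-destination $MAIL_IP:$PORT"

    # 2. FORWARD: after DNAT the destination is already MAIL_IP.
    #    Replies are matched by connection state, not by a broad accept.
    echo "iptables -A FORWARD -s $PEER_IP -d $MAIL_IP -p tcp --dport $PORT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -s $MAIL_IP -d $PEER_IP -p tcp --sport $PORT -m state --state ESTABLISHED,RELATED -j ACCEPT"

    # 3. SNAT: rewrite the source so the mail server answers to SNAT_IP
    #    instead of routing the reply out through another gateway.
    #    Side effect: the mail server logs SNAT_IP, not the peer address,
    #    so per-peer filtering must happen here on the gateway.
    echo "iptables -t nat -A POSTROUTING -s $PEER_IP -d $MAIL_IP -p tcp --dport $PORT -j SNAT --to-source $SNAT_IP"
}

# Dry run: show the commands for review.
build_rules
```

Because of the SNAT, the internal mail server can no longer tell senders apart by address, which is why the `-s $PEER_IP` match on the gateway rules carries the access control.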