On Sunday 25 July 2004 04:10, Julien wrote:
> Jens wrote:
> > I am trying to trace a problem I have in redirecting my mail traffic to a
> > different ISP. I have set up a whole bunch of logging rules but am still a
> > bit mystified and could use some clarification....
> >
> > The setup (shortened somewhat for this example):
> > Cable connection coming into a firewall/router going to a mail server in
> > the DMZ.
> > The interface on the firewall/router that the cable uses (to the internet)
> > is eth0. The interface on the firewall/router to the DMZ is eth3.
> >
> > I log all (I believe) destination port 25 packets going thru the firewall.
> > The current setup does not do any redirection of traffic to port 25 -
> > everything goes out the default interface eth0 and the whole setup works.
> > I am trying to get a baseline as to what I should see when I do the
> > redirection later on. To run my test, I am on the mailserver box and I
> > initiate a telnet to a remote ISP's mail server on port 25.
> >
> > The log messages I see are as follows:
> >
> > The first packet shows a traversal thru the nat filters as expected.
> > The source and destination IPs are always the same - the source is always
> > the IP of my mail server and the destination is always the IP of the
> > remote ISP's mail server.
> >
> > mangle preroute in eth3 src <Mailserver> dst <destination of mail>
> > nat preroute in eth3
> > mangle forward in eth3
> > mangle postroute out eth0
> >
> > The second packet no longer shows traversal thru the nat filter:
> > mangle preroute in eth3
> > mangle forward in eth3
> > mangle postroute out eth0
> >
> > The things that I am having problems understanding are:
> >
> > 1) I see the packet going into eth3, doing the preroute, the forward, but I
> > see no postroute on eth3. I also don't see the packet going into eth0 or
> > doing anything until it comes out the postroute table. Why isn't there
> > anything in between?
> >
> > 2) The connection I establish is from a local IP 192.168.1.2 to the ISP's
> > mail server on the internet. The connection is fully functional so it's
> > nat'ed properly. Why is it that I don't see the change of source IP in
> > the mangle postroute (as the packet comes out of eth0 which is the
> > internet interface)? Why don't I see the address change anywhere?
> >
> > I am sorry to ask such basic questions but this stuff is crucial in me
> > figuring out what is happening and I have not managed to put the clues
> > together from the documents and how-tos that I have studied so far.
> >
> > Thanks
> >
> > Jens
> > _______________________________________________
> > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
> I'm trying to do the same thing, as you can see from my previous posts;
> it's working a little better as redirection works. Can you show us the
> ip route add, iptables -t mangle and ip route add command lines you used
> so we can check what could be wrong?
>
> Julien

I don't want to post the entire thing as this box runs a firewall and there are gaggles of rules. In its current configuration, everything works the way it's supposed to, so there is actually nothing wrong (yet) - I am trying to get a complete understanding of what is happening so that I can then set up redirection and see what is wrong.

I am using a test script (attached) in the hopes of seeing the entire flow of packets thru the system. As noted above, I am trying to figure out why, for example, I don't see packets that have gone thru eth3 and are going into eth0 in the eth0 pre-routing section. Above all, why don't I see any traffic with the nat-ed IP addresses? I know that the address translation works, but why am I not seeing it in the logs - is there some chain/table/rule I am missing?

Jens
Attachment: routing.test (application/shellscript)
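The attached routing.test script is not reproduced in the archive, so the following is an added example from the editor, not Jens's script and not part of the thread. It reads the kernel lines that iptables LOG rules produce and reconstructs, per packet, which table/hook pairs it passed and at which point an address changed. Two netfilter facts explain the two questions in the post and are what the sample data is built to show. First, a forwarded packet traverses exactly three hooks, PREROUTING (IN=eth3), FORWARD and POSTROUTING (OUT=eth0), and PREROUTING only runs for packets received on an interface, so there is no "eth0 pre-routing" for a packet that leaves via eth0. Second, at POSTROUTING the mangle table (priority -150) runs before the nat hook (priority 100) that performs SNAT, so a LOG in mangle POSTROUTING still shows the private source; a LOG rule in nat POSTROUTING must sit before the SNAT rule (SNAT is terminating) and therefore shows the untranslated address too, and the nat table is only consulted for the first packet of a connection, later packets being translated by conntrack without traversing nat rules, which is why the second packet logs no nat line. The translated address is visible on the wire (tcpdump on eth0) and in the reply packets, whose DST is the public address at mangle PREROUTING on eth0 and is reversed by the nat PREROUTING hook before mangle FORWARD. The log prefixes of the form "<table> <CHAIN>: ", the public address 198.51.100.7 and the ISP relay 203.0.113.25 are assumptions; 192.168.1.2 is the mail server from the post; the log lines are constructed, not captured.

```python
"""Reconstruct per-packet netfilter hook traversal from iptables LOG output.

Editor's added example (not the attached routing.test).  Assumes LOG rules
whose --log-prefix is "<table> <CHAIN>: " (an assumption; adapt LINE_RE to
your own prefixes).
"""
import re
from collections import OrderedDict
from dataclasses import dataclass

# Order in which a forwarded packet meets the tables (netfilter priorities:
# mangle -150, nat at PREROUTING -100, filter 0, nat at POSTROUTING 100).
HOOK_ORDER = ["mangle PREROUTING", "nat PREROUTING", "mangle FORWARD",
              "filter FORWARD", "mangle POSTROUTING", "nat POSTROUTING"]

LINE_RE = re.compile(
    r"(?P<table>mangle|nat|filter) (?P<chain>[A-Z]+): "
    r"IN=(?P<in>\S*) OUT=(?P<out>\S*).*?SRC=(?P<src>\S+) DST=(?P<dst>\S+)"
    r".*?\bID=(?P<id>\d+).*?PROTO=(?P<proto>\S+)")


@dataclass
class Hop:
    table: str
    chain: str
    in_iface: str
    out_iface: str
    src: str
    dst: str

    @property
    def hook(self):
        return f"{self.table} {self.chain}"


def parse_log(lines):
    """Group LOG lines into per-packet hop lists, keeping logged order.

    A packet is keyed by (input interface, IP ID): the IP ID survives NAT,
    whereas SRC and SPT do not.  Adequate for a short capture (IP IDs wrap).
    """
    packets = OrderedDict()
    for line in lines:
        m = LINE_RE.search(line)
        if m:
            packets.setdefault((m["in"], int(m["id"])), []).append(
                Hop(m["table"], m["chain"], m["in"], m["out"], m["src"], m["dst"]))
    return packets


def hook_trace(hops):
    return [h.hook for h in hops]


def hit_nat_table(hops):
    """Only the first packet of a connection traverses the nat table."""
    return any(h.table == "nat" for h in hops)


def nat_rewrites(hops):
    """(hook_before, hook_after, field, old, new) wherever SRC/DST changed
    between consecutive logged hooks, i.e. where a NAT hook ran in between."""
    changes = []
    for a, b in zip(hops, hops[1:]):
        for field in ("src", "dst"):
            if getattr(a, field) != getattr(b, field):
                changes.append((a.hook, b.hook, field.upper(),
                                getattr(a, field), getattr(b, field)))
    return changes


# Constructed sample lines.  192.168.1.2 is the mail server from the post;
# 198.51.100.7 (firewall public address) and 203.0.113.25 (ISP relay) are assumed.
MAIL, PUB, ISP = "192.168.1.2", "198.51.100.7", "203.0.113.25"


def _line(prefix, in_if, out_if, src, dst, ip_id, spt, dpt, flags):
    return (f"Jul 25 04:10:01 fw kernel: {prefix}: IN={in_if} OUT={out_if} "
            f"SRC={src} DST={dst} LEN=60 TOS=0x10 PREC=0x00 TTL=63 ID={ip_id} DF "
            f"PROTO=TCP SPT={spt} DPT={dpt} WINDOW=5840 RES=0x00 {flags} URGP=0")


SAMPLE_LOG = [
    # First outbound packet (SYN): every table logged, nat included.  Source
    # is still private at mangle POSTROUTING because SNAT happens afterwards.
    _line("mangle PREROUTING", "eth3", "", MAIL, ISP, 1001, 40123, 25, "SYN"),
    _line("nat PREROUTING", "eth3", "", MAIL, ISP, 1001, 40123, 25, "SYN"),
    _line("mangle FORWARD", "eth3", "eth0", MAIL, ISP, 1001, 40123, 25, "SYN"),
    _line("filter FORWARD", "eth3", "eth0", MAIL, ISP, 1001, 40123, 25, "SYN"),
    _line("mangle POSTROUTING", "eth3", "eth0", MAIL, ISP, 1001, 40123, 25, "SYN"),
    # Second outbound packet: conntrack applies the NAT, nat table not traversed.
    _line("mangle PREROUTING", "eth3", "", MAIL, ISP, 1002, 40123, 25, "ACK"),
    _line("mangle FORWARD", "eth3", "eth0", MAIL, ISP, 1002, 40123, 25, "ACK"),
    _line("filter FORWARD", "eth3", "eth0", MAIL, ISP, 1002, 40123, 25, "ACK"),
    _line("mangle POSTROUTING", "eth3", "eth0", MAIL, ISP, 1002, 40123, 25, "ACK"),
    # Reply from the ISP: DST is the public address at mangle PREROUTING and
    # the private one from FORWARD on, once the nat PREROUTING hook reversed it.
    _line("mangle PREROUTING", "eth0", "", ISP, PUB, 7, 25, 40123, "ACK SYN"),
    _line("mangle FORWARD", "eth0", "eth3", ISP, MAIL, 7, 25, 40123, "ACK SYN"),
    _line("filter FORWARD", "eth0", "eth3", ISP, MAIL, 7, 25, 40123, "ACK SYN"),
    _line("mangle POSTROUTING", "eth0", "eth3", ISP, MAIL, 7, 25, 40123, "ACK SYN"),
]

if __name__ == "__main__":
    for (in_if, ip_id), hops in parse_log(SAMPLE_LOG).items():
        print(f"packet IN={in_if} ID={ip_id}: {' -> '.join(hook_trace(hops))}")
        print(f"  nat table traversed: {hit_nat_table(hops)}")
        for before, after, field, old, new in nat_rewrites(hops):
            print(f"  {field} {old} -> {new} between {before} and {after}")
```

Run it against `journalctl -k` or `/var/log/kern.log` output by replacing SAMPLE_LOG with the real lines; the only rewrite it reports for the constructed data is the reply's DST changing between mangle PREROUTING and mangle FORWARD, which is the one place in the iptables tables where the translation is observable from logs.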