On Tuesday 09 December 2003 7:49 pm, Michael Gale wrote:
> hmmm.... what about ICMP redirect ?
>
> I can not remember if the host you are redirecting to has to be on the same
> subnet as the client host :(
Unfortunately ICMP redirects would affect ALL connections coming in to the
machine, SMTP, DNS, or anything else.
I do not think this is what Örjan wants to happen.
Antony.
> On Tue, 9 Dec 2003 20:40:19 +0100 Örjan Persson <orange@xxxxxxxxx> wrote:
>
> > Antony Stone (Antony@xxxxxxxxxxxxxxxxxxxx) wrote:
> > > If it is not true that the real source IP and the real destination IP
> > > exist on the same interface of the netfilter machine, repost your query
> > > with a bit more detail and we may be able to help futher.
> >
> > The situation is that I have a hostname where there are both SMTP and
> > DNS services atm. The mail service is beeing migrated to another host,
> > and since I can't just change the IP for the hostname (would break DNS
> > services) I would like to have a temporary redirect to the new
> > mailservice for the SMTP-service, until the ppl using it has changed
> > their mail settings to use the new hostname.
> >
> > So, I have two external host with two external IP's. They exists on the
> > same subnet too. Both uses the same gateway.
> >
> > These are the rules I tried to use, which translates the users IP to the
> > first servers IP:
> > iptables -t nat -A PREROUTING -p tcp --dport 33 -i eth0 -j DNAT --to
> > host2:44 iptables -t nat -A POSTROUTING -d host2 -p tcp --dport 25 -j
> > SNAT --to host1
> >
> > Hope that's enough information to get you into my problem!
> >
> > Thanks for letting me take your time! :)
--
It is also possible that putting the birds in a laboratory setting
inadvertently renders them relatively incompetent.
- Daniel C Dennet
Please reply to the list;
please don't CC me.
