if you want to use an other port for SMTP you can try this
iptables -t nat -I FORWARD -p all --dport 25 -j DROP
iptables -t nat -I PREROUTING -i eth0 -p tcp -s 192.168.0.1/24 --dport 25 -j
REDIRECT --to-port 4567
but you have to setup your email server port 4567
best regards
----- Original Message -----
From: "Antony Stone" <Antony@xxxxxxxxxxxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Saturday, May 08, 2004 12:06 PM
Subject: Re: ip/snat + port/dnat
On Friday 07 May 2004 10:09 pm, Różański Sergiusz wrote:
> I need dissable routing to smtp servers, and enable smtp on non-standard
> port. Like this:
>
> -p tcp -s 192.168/16 -dport 25 -j DENY
iptables -A FORWARD -p tcp -s 192.168.0.0/16 --dport 25 -j DROP
> -p tcp -s 192.168/16 --dport 2525 -j TARGET_LIKE_SNAT --to
$ext_if --to-port
> 25
iptables -A POSTROUTING -t nat -p tcp --dport 2525 -j SNAT --to $extIF:25
> don't change destination ip.
> possible?
Is that what you wanted?
Antony.
--
In science, one tries to tell people
in such a way as to be understood by everyone
something that no-one ever knew before.
In poetry, it is the exact opposite.
- Paul Dirac
Please reply to the
list;
please don't CC
me.
