> if you want to use an other port for SMTP you can try this > > iptables -t nat -I FORWARD -p all --dport 25 -j DROP > iptables -t nat -I PREROUTING -i eth0 -p tcp -s 192.168.0.1/24 --dport > 25 -j REDIRECT --to-port 4567 > but you have to setup your email server port 4567 no, this create smtp smarthost on port 4567. > iptables -A POSTROUTING -t nat -p tcp --dport 2525 -j SNAT --to $extIF:25 > Is that what you wanted? no, no, this change _source_ port, I need target 'SNAT' and change _destination_ port. PC from internal network may connect to ANY smtp server in the world (not local smarthost), but must manualy setup other port. Examples: A. Internal network Outlook (192.168.0.5 via Linux 1.2.3.4): setup smtp server: 195.205.84.133 port 2525 - Connection LAN: 192.168.0.5:1024 -> 195.205.84.133:2525 - SNAT+DNAT/PORT Internet: 1.2.3.4:65000 -> 195.205.84.133:25 B. Internal network WORM (192.168.0.5 via Linux 1.2.3.4): smtp server: 195.205.84.133 port 25 - Connection LAN: 192.168.0.5:1024 -> 195.205.84.133:25 - DROP -- Sergiusz Różański rozanski.at.sergiusz.dot.com sq3bkn RTG project http://gg.overwap.net RMXF Postfix project http://rmxf.comm.pl
