Hi all, I am using netfilter based firewalls sind several years now w/o any problems, same goes for netfilter based NAT. Now I want to forward all incoming traffic on smtp port 25 on a gateway to an intern MS Exchange mailserver, so I tried to use this rule, as allways: $IPTABLES -t nat -A PREROUTING -i $E_NIC -p tcp --dport 25 -j DNAT --to-destination 192.168.120.10:25 (where $IPTABLES is the iptables binary, and $E_NIC is extern NIC "ppp0") I never had any problems with this rule, and I use the same with http port 80 for MS Exchange webserver on the same net, w/o any problems. But: After activating this rule and connectiong via telnet to port 25 on external address, I can connect to Exchange server, but connection immedeately is dropped afterwards (I get the "Connected to ..." and "Escape character is '^]'." lines, but after that a "Connection lost"). When I disable this rule and use rinetd [1] to forward smtp traffic instead, I get no errors and can connect to the Exchange server via telnet. So my question: Is this an iptables or an Exchange issue? Do I have to provide another rule or change my existing rule to be able to connect to a MS Exchange server? I don't think it's an Exchange problem, since everything is ok when I use rinetd, as said. Hopefully someone can help me, I have no ideas left :( Greetings and TIA, Matthias footnote: [1] http://www.boutell.com/rinetd/ -- Mmm...incapacitating. -- Homer Simpson The Springfield Connection
