Dear list,

I am having some trouble getting a good redirection working for the following situation:

    [OUTSIDE WORLD]<--->[IN-BETWEEN NETWORK]<--->[OUR FIREWALL/MTA]<--->[REAL MAILSERVER]
                                    \---->[OTHER FIREWALL / MAILSERVER]

We can send mail to the outside world fine, but not to the "other" mailserver. Some looking showed that connecting to the 'real internet address' of the 'other' host was not possible at all. A small fix was to create a DNAT rule which would redirect traffic to that machine to its 'internal' IP address. It works fine... if this is done from a machine within the network, but not from the local machine.

It appears that outgoing packets do not go through the firewall but just go out by themselves. Trying to get locally generated packages to go through the firewall and make use of the PREROUTING chain is not working yet...

These are the rules that work for traffic going from our inside NIC to the outside NIC, but not from local processes:

    $iptables -A PREROUTING -t nat --dest out.side.address1 -j DNAT --to-destination 10.0.100.1
    $iptables -A PREROUTING -t nat --dest out.side.address2 -j DNAT --to-destination 10.0.100.2

Putting these rules in the POSTROUTING chain results in error messages.

I am using iptables 1.2.7a on kernel 2.4.20.

Does anyone have any suggestions on how I can solve this problem?

Greetings,
Michiel
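
An added example, not part of the original post: locally generated packets (such as the MTA's own outbound SMTP connections) never traverse the nat PREROUTING chain; they pass through the nat OUTPUT chain instead, and the DNAT target is only valid in those two chains, which is why POSTROUTING rejects it. The script below emits the same mappings for both chains; the `IPT` dry-run default, the `MAPPINGS` variable and the function names are assumptions made for this example, and on 2.4 kernels DNAT in OUTPUT additionally needs the kernel built with "NAT of local connections" (CONFIG_IP_NF_NAT_LOCAL).

```shell
#!/bin/sh
# Added example, not from the original post.
# IPT defaults to a dry run that only prints the rules for review.
# Set IPT=iptables and run as root to actually install them.
IPT="${IPT:-echo iptables}"

# Constructed mapping, using the placeholder names from the post:
# one "public-address internal-address" pair per line.
MAPPINGS="out.side.address1 10.0.100.1
out.side.address2 10.0.100.2"

# dnat_rules CHAIN
# Emit one DNAT rule per mapping in the given nat chain.
# DNAT is only accepted in PREROUTING and OUTPUT, so anything else
# (for example POSTROUTING) is refused here before iptables would reject it.
dnat_rules() {
    chain="$1"
    case "$chain" in
        PREROUTING|OUTPUT) ;;
        *)
            echo "DNAT is not valid in nat chain '$chain'" >&2
            return 1
            ;;
    esac
    echo "$MAPPINGS" | while read -r public internal; do
        # Skip blank lines in the mapping.
        [ -n "$public" ] || continue
        $IPT -t nat -A "$chain" -d "$public" -j DNAT --to-destination "$internal"
    done
}

# apply_all
# PREROUTING covers traffic forwarded from the inside NIC;
# OUTPUT covers connections opened by processes on the firewall itself.
apply_all() {
    dnat_rules PREROUTING && dnat_rules OUTPUT
}

apply_all
```

After applying the rules for real, `iptables -t nat -L OUTPUT -n -v` shows per-rule packet counters, which confirms whether the MTA's connections are hitting the OUTPUT rules.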