> That is very odd. Do you have other rules in place that could be > interfering with what you are doing? I have a dozen or so other rules that do the same thing for different IP's (this is a load balancer). > Normally with a server behind a NAT all I need to do is DNAT the traffic > and allow the returning traffic to pass back out through the same NATing > system and allow it's outbound MASQUERADEing / SNAT to hide the internal > source IP address. Well I thought that's what I was doing with that SNAT rule. =) > If you do not have this type of scenario but rather both the redirecting > IP and the real mail server's IP are both globally routable, then you > may need to do something else. Is this possibly the case? Yeah, both machines have globally routable IP's. John -- John Madden Sr. UNIX Systems Engineer Ivy Tech Community College of Indiana jmadden@xxxxxxxxxxx - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
