From owner-freebsd-questions@FreeBSD.ORG Thu Feb 22 13:48:51 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C7F2716A404 for ; Thu, 22 Feb 2007 13:48:51 +0000 (UTC) (envelope-from Danovitsch@vitsch.net) Received: from amsfep17-int.chello.nl (amsfep17-int.chello.nl [62.179.120.12]) by mx1.freebsd.org (Postfix) with ESMTP id 0605913C48E for ; Thu, 22 Feb 2007 13:48:50 +0000 (UTC) (envelope-from Danovitsch@vitsch.net) Received: from Tuinhuisje.Vitsch.net ([62.195.87.223]) by amsfep13-int.chello.nl (InterMail vM.6.01.04.04 201-2131-118-104-20050224) with ESMTP id <20070222132651.WERE11605.amsfep13-int.chello.nl@Tuinhuisje.Vitsch.net>; Thu, 22 Feb 2007 14:26:51 +0100 Received: from self (f187184.upc-f.chello.nl [80.56.187.184]) (authenticated bits=0) by Tuinhuisje.Vitsch.net (8.13.1/8.13.1) with ESMTP id l1MDQVk0027033; Thu, 22 Feb 2007 14:26:45 +0100 (CET) (envelope-from Danovitsch@vitsch.net) From: "Daan Vreeken [PA4DAN]" Organization: Vitsch Electronics To: Frank Bonnet Date: Thu, 22 Feb 2007 14:26:30 +0100 User-Agent: KMail/1.9.1 References: <45DD84C1.70308@esiee.fr> In-Reply-To: <45DD84C1.70308@esiee.fr> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200702221426.30370.Danovitsch@vitsch.net> Cc: freebsd-questions@freebsd.org Subject: Re: Transparent redirect to another interface ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Feb 2007 13:48:52 -0000 Hi Frank, On Thursday 22 February 2007 12:55, Frank Bonnet wrote: > Hello > > I have a new mailhub with two ethernet gigabit interfaces, and I would like > to transparently redirect IMAP or POP3 requests to the second interface > which have a different IP address, to let the first interface drive the > SMTP traffic only. > > Is it possible ? This will avoid thousands of email clients > re-configuration to let users grab their incomming emails. "natd" can be used to do this. The following example assumes your external interface is called "sk0" and the seconde interface, connecting to the second server, is called "sk1" : # Start natd and tell it to forward pop3 traffic to the second server natd -n sk0 -redirect_port tcp ip_of_second_server_here:110 110 # Add ipfw rule to send incoming pop3 traffic through natd ipfw add 1000 divert natd tcp from any to me 110 via sk0 # Add ipfw rule to send responses from second server through natd ipfw add 1010 divert natd tcp from ip_of_second_server_here 110 to any via sk0 # or just use one ipfw rule : ipfw add 1000 divert natd all from any to any via sk0 But this will send ALL traffic through natd, only sending traffic that needs to be redirect through it is far more efficient. Hope this helps, -- Daan