Date: Sun, 31 Oct 2004 23:48:32 +0100
From: Christian Hiris <4711@chello.at>
To: freebsd-questions@freebsd.org
Cc: Bill Eccles <Bill.lists@eccles.net>
Subject: Re: ipfw configuration to intercept SMTP traffic
Message-ID: <200410312349.08193.4711@chello.at>
In-Reply-To: <BDAAB798.10AE%Bill.lists@Eccles.net>
References: <BDAAB798.10AE%Bill.lists@Eccles.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 31 October 2004 21:39, Bill Eccles wrote:
> Gentleones,
>
> I have a commercial website/mail product running on a box. Unfortunately,
> the product is not so smart and when it needs to bounce something, it
> ignores the SMTP "Always Relay Via" setting and attempts to connect
> directly to the mail exchanger for the domain it's bouncing to.
>
> So what I figure I can do is redirect port 25 of "me" to any to port 25 of
> the upstream server at aa.bb.cc.dd. That makes sense, right? So I'd
> probably use:

You mean redirect [from me to any destination-port 25] to upstream server
aa.bb.cc.dd port 25?

> ipfw add 8000 divert 25 all from me to aa.bb.cc.dd via en0

Your rule seems to be wrong. It uses port 25 to set up the divert-socket, and
matches all source-ports. The divert-socket default-port is 8668 (natd).

  ipfw add 8000 divert natd all from me to any 25 via en0

Are you running natd on your machine? Natd reads/writes the packets from/to
the divert-socket and changes IP-address and port number as defined by natd
options or in your natd.conf file. In your case I would run natd with the
option '-proxy_rule port 25 server aa.bb.cc.dd:25'.

Natd-setup is documented in 'man 8 natd'.

HTH,
ch

- --
Christian Hiris <4711@chello.at> | OpenPGP KeyID 0x3BCA53BE
OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)

iD8DBQFBhWvk09WjGjvKU74RAh6VAJ9H6yEohPLFCBSRdJ+SNDA3nOycrACfaVqo
C4tHUn2wstlv22ktbSCaFKU=
=4jCL
-----END PGP SIGNATURE-----