LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 08-02-2003, 03:28 PM   #1
soltrain
LQ Newbie
 
Registered: Jul 2003
Posts: 4

Rep: Reputation: 0
Iptables redirect problem


I am trying to configure a program called pop3vscan(pop3vscan.sourceforge.net) that sits on your network and hijacks pop3 mail download requests from peers on the network, making the request itself so it can download and virus scan the mail before it sends it on to the original requesting desktop. (very cool ;] ) The program grabs packets on port 110, extracts the dest mail server, and makes a connection with that server. It requires iptables for its packet redirection and linux 2.4.

I am running RedHat 7.3 and have sucessfully compiled the program. I had to shut off ipchains and turn on iptables:

chkconfig --level 0123456 ipchains off
service ipchains stop
chkconfig --level 235 iptables on
service iptables start

I received no errors in doing this. I then followed the directions in the program to set iptables for redirect:

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport pop3 -j REDIRECT --to 8110

However, it seems that iptables is not working correctly or is ignoring the packets or something.. I can see the service running, netstat shows listen on 8110 and syslog shows the service is waiting for connections. But when I make one of the clients request mail, I see no activity on my pop3virus scan box, and the client goes directly to its mail server and downloads itself.

I changed the clients outlook properties to make the request directly to my virus scan box on port 110, and in syslog I see the program connect and extract the "real" pop3 host address which in this case is the box ip itself because thats where I set it to connect in outlook. It then dies becuase it can't connect to the "real" pop3 server (itself).

I think this shows the program is infact working, and would work if I could get the box to redirect the mail requests it sees on the LAN to itself. I can only assume this is some kind of iptables problem..?

I am a linux newbie and do not know how to debug/check if iptables is working correctly or where the tables are actually stored. I did an iptables -L and nothing came up, although I think its not related.

Any suggestions?

edit:
When I told outlook to connect directly to my virus box on port 8110, I got the same kind of message in syslog ("real" mail server address is my virus box ip) except it helpfully told me that this would loop

Last edited by soltrain; 08-02-2003 at 04:38 PM.
 
Old 08-04-2003, 09:09 AM   #2
soltrain
LQ Newbie
 
Registered: Jul 2003
Posts: 4

Original Poster
Rep: Reputation: 0
bump?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables redirect patvrs Linux - Networking 15 08-02-2005 09:31 AM
iptables redirect _ben_deb_ Linux - Networking 7 11-13-2004 06:06 AM
IPTABLES redirect question yuzuohong Linux - Networking 3 01-01-2003 10:30 PM
iptables redirect slack Linux - Networking 0 06-17-2002 05:04 AM
iptables redirect bhartnett Linux - Networking 1 09-26-2001 10:11 PM


All times are GMT -5. The time now is 06:16 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration