LinuxQuestions.org - forward port to another on the same IP

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - forward port to another on the same IP (https://www.linuxquestions.org/questions/linux-security-4/forward-port-to-another-on-the-same-ip-355839/)

5amYan

08-22-2005 11:43 AM

forward port to another on the same IP

I have an SMTP-AUTH server set up for our clients. It works great except for ISP who filter port 25.

So I would like to forward/proxy all traffic on port , say 6025, to port 25 on the same IP address.

Is there an easy IPtables rule to use or do I have to get NAT involved?

Any pointers or help would be greatly appreciated.

TIA,
5

peter_robb

08-23-2005 07:36 AM

You could use the REDIRECT target, if your server listens on 127.0.0.1
eg..
iptables -t nat -A PREROUTING -i ethx -p tcp --dport xxxx -j REDIRECT --to-ports 25

If the ISP doesn't block port 465 you may be better to set up the smtp server to use TLS on port 465 and do AUTH inside the TLS wrapper, effectively keeping the logins & passwords secure..
Ports 465 and 587 are reserved for TLS..
Most clients know 465 automatically for secure ports.

5amYan

08-23-2005 11:26 AM

I did. I did this.

#sudo /sbin/iptables -t nat -A PREROUTING -p tcp --dport 2525 -i eth0 -j REDIRECT --to-ports 25
#sudo /sbin/iptables-save ~/iptables
#sudo mv /etc/sysconfig/iptables /etc/sysconfig/iptables.bak

test to maske sure it is working

#sudo cp ~iptables /etc/sysconfig/iptables
#sudo /etc/init.d/iptables restart

test again.

best,
5

PS am forwarding 465 and 587 also. TLS is an option but not required as not all our clients clients support it.

All times are GMT -5. The time now is 09:17 AM.