LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-22-2005, 12:43 PM   #1
5amYan
Member
 
Registered: Apr 2002
Location: The District
Distribution: FreeBSD, OBSD maybe Gentoo and Winblech XP
Posts: 291

Rep: Reputation: 30
forward port to another on the same IP


I have an SMTP-AUTH server set up for our clients. It works great except for ISP who filter port 25.

So I would like to forward/proxy all traffic on port , say 6025, to port 25 on the same IP address.

Is there an easy IPtables rule to use or do I have to get NAT involved?

Any pointers or help would be greatly appreciated.

TIA,
5
 
Old 08-23-2005, 08:36 AM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
You could use the REDIRECT target, if your server listens on 127.0.0.1
eg..
iptables -t nat -A PREROUTING -i ethx -p tcp --dport xxxx -j REDIRECT --to-ports 25

If the ISP doesn't block port 465 you may be better to set up the smtp server to use TLS on port 465 and do AUTH inside the TLS wrapper, effectively keeping the logins & passwords secure..
Ports 465 and 587 are reserved for TLS..
Most clients know 465 automatically for secure ports.
 
Old 08-23-2005, 12:26 PM   #3
5amYan
Member
 
Registered: Apr 2002
Location: The District
Distribution: FreeBSD, OBSD maybe Gentoo and Winblech XP
Posts: 291

Original Poster
Rep: Reputation: 30
I did. I did this.

#sudo /sbin/iptables -t nat -A PREROUTING -p tcp --dport 2525 -i eth0 -j REDIRECT --to-ports 25
#sudo /sbin/iptables-save ~/iptables
#sudo mv /etc/sysconfig/iptables /etc/sysconfig/iptables.bak

test to maske sure it is working

#sudo cp ~iptables /etc/sysconfig/iptables
#sudo /etc/init.d/iptables restart

test again.

best,
5

PS am forwarding 465 and 587 also. TLS is an option but not required as not all our clients clients support it.


Last edited by 5amYan; 08-23-2005 at 12:32 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can forward port 80 but not others capbob Linux - Networking 4 05-20-2005 08:02 PM
A way to forward an IP/Port to another system's IP/Port astroboy5714 Linux - Networking 6 01-26-2004 06:45 PM
port forward help please indy317 Linux - Networking 2 07-18-2003 03:21 PM
Port forward help please hanxuerui Linux - Networking 6 05-05-2003 02:20 PM
Forward port port 80 to lan web server dulaus Linux - Networking 9 10-04-2002 04:45 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration