Hello,
I need a quick solution... I am an iptables novice, but I have managed to get
a rather complex network setup with one small problem. Here is a diagram of my
setup (I know 99.x and 98.x are not proper internal IPs, I will get to that
later):
Http://208.45.203.98/fiber.jpg
The yellow lines are fiber optics that separate our 3 facilities. The idea
behind this network is to be able to have control over the VoIP, internet and
LAN/WAN traffic separately, and ultimately implement some QoS. I am working on
just basic routing for now. Now for my problem. My email server is at the
corporate office at 10.10.10.2.
Here is what I have in rc.local on the plant box (there is nothing in the
rc.local on the corporate box):
>>>>>>
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
iptables -A PREROUTING -t nat -p tcp -d 24.154.84.34 --dport 25 -j DNAT --to 10.10.10.2:25
iptables -A PREROUTING -t nat -p tcp -d 24.154.84.34 --dport 110 -j DNAT --to 10.10.10.2:110
>>>>>>
Here are my routes on the plant box:
>>>>>
[root@Cable root]# ip route show
99.0.0.0/24 dev eth0 scope link
172.10.0.0/24 via 192.168.20.10 dev eth2
24.154.84.0/24 dev eth1 scope link
98.0.0.0/24 via 192.168.20.10 dev eth2
192.168.20.0/24 dev eth2 scope link
172.30.0.0/24 via 192.168.20.10 dev eth2
172.20.0.0/24 dev eth3 scope link
10.10.10.0/24 via 192.168.20.10 dev eth2
192.168.10.0/24 via 192.168.20.10 dev eth2
127.0.0.0/8 dev lo scope link
default via 24.154.84.1 dev eth1
default via 24.154.84.1 dev eth1 src 24.154.84.40 metric 1
default via 24.154.84.1 dev eth1 src 24.154.84.39 metric 1
default via 24.154.84.1 dev eth1 src 24.154.84.38 metric 1
default via 24.154.84.1 dev eth1 src 24.154.84.37 metric 1
default via 24.154.84.1 dev eth1 src 24.154.84.36 metric 1
default via 24.154.84.1 dev eth1 src 24.154.84.35 metric 1
default via 24.154.84.1 dev eth1 src 24.154.84.34 metric 1
>>>>>
Here are my routes on the Corporate box:
>>>>>
[root@localhost root]# ip route show
99.0.0.0/24 via 192.168.20.20 dev eth2
172.10.0.0/24 dev eth3 scope link
98.0.0.0/24 via 192.168.10.20 dev eth1
192.168.20.0/24 dev eth2 scope link
172.30.0.0/24 via 192.168.10.20 dev eth1
172.20.0.0/24 via 192.168.20.20 dev eth2
10.10.10.0/24 dev eth0 scope link
192.168.10.0/24 dev eth1 scope link
127.0.0.0/8 dev lo scope link
default via 192.168.20.20 dev eth2
>>>>>
So my external email server's address is 24.154.84.34 and it has to be routed
like this:
24.154.84.34 -> 192.168.20.20 -> 192.168.20.10 -> 10.10.10.254 -> 10.10.10.2
The problem is, people sending mail from the plant location show up as
192.168.20.20, which is not on the allowed relay list, because outside traffic
shows up as that IP too (so if I enable it, it makes me an open relay). How do
I get the plant PCs to show up as their own IP and not 192.168.20.20? I would
also like external incoming mail to have its IP listed, and not
192.168.20.20. I am pretty sure it's all in the masquerading lines in my
rc.local, but being a novice, I don't know of another way to do it. This is
probably stupid and easy for all you pros, but can somebody lend me a hand
here?
CoogarXR
"The Linux Virgin"
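
The following is an added example, not part of the original post: a small audit over the plant box's rc.local lines that flags MASQUERADE rules on interfaces other than the Internet-facing one, since those rules are what collapse every sender to 192.168.20.20 and defeat the mail server's IP-based relay list. The function names are hypothetical, and eth1 is assumed to be the only WAN interface because the plant box's default route leaves through it.

```shell
#!/bin/sh
# Added example: audit NAT rules for MASQUERADE on non-WAN interfaces.
# Constructed input: the plant box rc.local lines quoted in the post.
PLANT_RULES='iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
iptables -A PREROUTING -t nat -p tcp -d 24.154.84.34 --dport 25 -j DNAT --to 10.10.10.2:25
iptables -A PREROUTING -t nat -p tcp -d 24.154.84.34 --dport 110 -j DNAT --to 10.10.10.2:110'

# masq_ifaces: print the out-interface of each POSTROUTING MASQUERADE rule
# read from stdin; a rule with no -o applies to every interface ("(any)").
masq_ifaces() {
    awk '/POSTROUTING/ && /MASQUERADE/ {
        dev = "(any)"
        for (i = 1; i < NF; i++)
            if ($i == "-o" || $i == "--out-interface") dev = $(i + 1)
        print dev
    }'
}

# internal_masq WAN_IF: interfaces that are masqueraded but are not the WAN.
# Traffic leaving through these loses its real source address.
internal_masq() {
    masq_ifaces | grep -vx "$1" | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# hardened_rules WAN_IF: same rule list with MASQUERADE kept only on the WAN
# interface; DNAT and all other lines pass through unchanged.
hardened_rules() {
    awk -v wan="$1" '
        /POSTROUTING/ && /MASQUERADE/ {
            keep = 0
            for (i = 1; i < NF; i++)
                if (($i == "-o" || $i == "--out-interface") && $(i + 1) == wan) keep = 1
            if (!keep) next
        }
        { print }'
}

echo "MASQUERADE on internal interfaces: $(printf '%s\n' "$PLANT_RULES" | internal_masq eth1)"
echo "Rules with source addresses preserved on internal links:"
printf '%s\n' "$PLANT_RULES" | hardened_rules eth1
```

With the eth0 and eth2 rules gone, replies still find their way back because the corporate box already routes 172.20.0.0/24 and 99.0.0.0/24 via 192.168.20.20 and sends its default route there as well.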