Hello Jeremy
On 14 Feb 2002, at 9:14, Jeremy C. Reed wrote:
> > old server directly to the new one. I have tried "ipmasqadm --
> > portfw" but there is no masquerading involved and it does not work.
>
> Does not work? (Show us.)
This machine has two network cards, one with masquerading onto
a private LAN. However the second mail server is on the public
side.
There is already forwarding of certain ports to machines inside the
LAN, which works perfectly. So the kernel must have all the correct
options compiled into it.
However
> Try something like:
>
> ipmasqadm portfw -a -P tcp -L 192.168.0.1 25 -R 192.168.0.2 25
This is exactly what I am running, but it does not work. (It would work
if the redirected IP was already being masqueraded.)
>From
/usr/share/doc/netbase/ipmasqadm/README.portfw.gz
<quote>
Port forwarding uses the existing masquerading scheme to do all
the rewriting of packets. The masquerading table (what you see
when you type netstat -M or ipfwadm -M -l) is setup as if the
connection started internally.
<quote>
Which may give a clue why it does not work on IP's for which there
is no masquerading configured.
> Your remote interface needs to listen on the original IP too.
Yes, I have checked that.
It seems I will have to upgrade to kernel 2.4.
I thought there might be an inetd replacement that could do this
(with correction of the source address IP).
As this is an old stable machine, and I don't want to fiddle too much,
I think I will try another option - updating the mail server
configuration to match that on our main server.
Thanks
Ian
---------------------------------------------------------------------
Ian Forbes ZSD
http://www.zsd.co.za
Office: +27 21 683-1388 Fax: +27 21 674-1106
Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa
---------------------------------------------------------------------
