Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Redirecting mail with IPCOP

Redirecting mail with IPCOP 10 years 10 months ago #12637

  • Abejaruco
  • Abejaruco's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
I'm trying to redirect all mail packets (POP3 and SMTP) in the local network to a specific host. I'm trying with the following rules:

[code:1]
## Changes destination address of the smtp packets,
## port 25
iptables -v -t nat -A PREROUTING -p tcp --dport 25 -i eth0 -j DNAT --to 192.168.12.1:25

## Changes destination address of the pop3 packets,
## port 110
iptables -v -t nat -A PREROUTING -p tcp --dport 110 -i eth0 -j DNAT --to 192.168.1.197:110
[/code:1]



Where eht0 is the green interface of the IPCOP firewall and 192.168.12.1 is a knoppix host wich sends back to the source address any mail it receives.

I send a mail to the knoppix system with 192.168.1.195 and want the firewall to redirects it to the knoppix host and then redirect the reply to another host at 192.168.1.197.

I don't know if I explain myself clearly. The point is that the rules above don't do anything. Thanks for your help.


[edit] Sorry about the duplicated post. I'm still sleepeth :oops: :oops:
What am I so stupid??
The administrator has disabled public write access.

Re: Redirecting mail with IPCOP 10 years 10 months ago #12642

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
If the source and destination addresses are both in the same subnet (GREEN), routing changes on your IPCOP will not have any effect.
The administrator has disabled public write access.

Re: Redirecting mail with IPCOP 10 years 10 months ago #12652

  • Abejaruco
  • Abejaruco's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
Dalight

So, if I understand you, I can't redirect mail packets (smtp and pop3) in the same subnet with iptables rules??

Could you tell me another method to do this?? This firewall is going to be in a honeynet and the purpose of it is to capture the ougoing mail packets, wich a test malware at the honeypots will try to send, and redirect it to an analysis machine.

Thank you for your help!!

[edit]

I'm thinking about placing the knoppix system in a DMZ with an Orange card.

Any smtp or pop3 related packet generated in the green card (the honeynet) subnet will be redirected to the knoppix system in the orange card, wich will reply the messages to the sender. The honeywall will redirect the reply to an analysis system in the green card.

Is that possible??
What am I so stupid??
The administrator has disabled public write access.
Time to create page: 0.077 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup