[prev in list] [next in list] [prev in thread] [next in thread]
List: focus-linux
Subject: Re: Application level proxy for POP3/SMTP protocol
From: Marcelo Ravilet <mravilet () e-money ! cl>
Date: 2006-06-05 13:06:04
Message-ID: 1149512764.12859.6.camel () mfrm ! e-money ! cl
[Download RAW message or body]
Hi guys,
A way for this solution is iptables, you can do the PAT concept, (port
address translation)
here an example for PAT.
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx
--dport 8888 -j DNAT --to yyy.yyy.yyy.yyy:80
/sbin/iptables -A FORWARD -p tcp -i eth0 -d yyy.yyy.yyy.yyy --dport 80 -j ACCEPT
Best Regards
Marcelo Ravilet
El vie, 02-06-2006 a las 10:11 -0500, Nicholas Schmidt escribió:
> I am no iptables expert but I know that OpenBSD pf can do this kind of
> filtering. Knowing the competition between the two groups, it is most
> likely possible. You will just write a redirect with dns enabled on the
> ruleset.
>
> Nick
>
> On Thu, 2006-06-01 at 15:36 +0800, zHihaO wrote:
> > Hi all,
> >
> > I'm in a sticky situation now because of the filtering of internet
> > traffic out from China. Our users in china have got alot of problems
> > connecting to our servers here to pop their emails and as a result, we
> > have to get a server up in a datacentre in china and setup ssh port
> > forwarding on the server in china. Here is the flow :
> >
> > chinese users --> china server (high port. eg: 10000 depending on which
> > local server they are connecting to) --> ssh tunnel --> local server
> > (POP3 port)
> >
> > The users in china will connect to our china server like this :
> > china.mail.domain.com:50000. Port 50000 is actually an ssh tunnel to our
> > local servers on port 110 here.
> >
> > Problem is we do have a hugh number of servers and it will be hard to
> > keep track of the big number of ssh tunnels/ports opened up from china
> > to our local servers. Any of you know of any good application level
> > proxy that will redirect users based on the result of their dns records?
> > For example, users connecting to the china server running this proxy
> > will be redirected based on the IP address returned when the proxy do a
> > dig on mail.domain.com or mail2.domain.com and redirect them promptly to
> > port 110 of either mail.domain.com or mail2.domain.com depending on the
> > dig result being returned.
> >
> > Any help will be greatly appreciated..!!!
> >
> > -zhihao
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic