[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-linux
Subject:    Re: Application level proxy for POP3/SMTP protocol
From:       Marcelo Ravilet <mravilet () e-money ! cl>
Date:       2006-06-05 13:06:04
Message-ID: 1149512764.12859.6.camel () mfrm ! e-money ! cl
[Download RAW message or body]

Hi guys,

	A way for this solution is iptables, you can do the PAT concept, (port
address translation)

here an example for PAT.

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx
		 --dport 8888 -j DNAT --to yyy.yyy.yyy.yyy:80
/sbin/iptables -A FORWARD -p tcp -i eth0 -d yyy.yyy.yyy.yyy --dport 80 -j ACCEPT


Best Regards
Marcelo Ravilet


El vie, 02-06-2006 a las 10:11 -0500, Nicholas Schmidt escribió:
> I am no iptables expert but I know that OpenBSD pf can do this kind of
> filtering. Knowing the competition between the two groups, it is most
> likely possible. You will just write a redirect with dns enabled on the
> ruleset. 
> 
> Nick
> 
> On Thu, 2006-06-01 at 15:36 +0800, zHihaO wrote:
> > Hi all,
> > 
> > I'm in a sticky situation now because of the filtering of internet 
> > traffic out from China. Our users in china have got alot of problems 
> > connecting to our servers here to pop their emails and as a result, we 
> > have to get a server up in a datacentre in china and setup ssh port 
> > forwarding on the server in china. Here is the flow :
> > 
> > chinese users --> china server (high port. eg: 10000 depending on which 
> > local server they are connecting to) --> ssh tunnel --> local server 
> > (POP3 port)
> > 
> > The users in china will connect to our china server like this : 
> > china.mail.domain.com:50000. Port 50000 is actually an ssh tunnel to our 
> > local servers on port 110 here.
> > 
> > Problem is we do have a hugh number of servers and it will be hard to 
> > keep track of the big number of ssh tunnels/ports opened up from china 
> > to our local servers. Any of you know of any good application level 
> > proxy that will redirect users based on the result of their dns records? 
> > For example, users connecting to the china server running this proxy 
> > will be redirected based on the IP address returned when the proxy do a 
> > dig on mail.domain.com or mail2.domain.com and redirect them promptly to 
> > port 110 of either mail.domain.com or mail2.domain.com depending on the 
> > dig result being returned.
> > 
> > Any help will be greatly appreciated..!!!
> > 
> > -zhihao
> 

[prev in list] [next in list] [prev in thread] [next in thread]