Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Application level proxy for POP3/SMTP protocol
From: Marcelo Ravilet (mravilete-money.cl)
Date: Mon Jun 05 2006 - 08:06:04 CDT
A way for this solution is iptables, you can do the PAT concept, (port
here an example for PAT.
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx
--dport 8888 -j DNAT --to yyy.yyy.yyy.yyy:80
/sbin/iptables -A FORWARD -p tcp -i eth0 -d yyy.yyy.yyy.yyy --dport 80 -j ACCEPT
El vie, 02-06-2006 a las 10:11 -0500, Nicholas Schmidt escribió:
> I am no iptables expert but I know that OpenBSD pf can do this kind of
> filtering. Knowing the competition between the two groups, it is most
> likely possible. You will just write a redirect with dns enabled on the
> On Thu, 2006-06-01 at 15:36 +0800, zHihaO wrote:
> > Hi all,
> > I'm in a sticky situation now because of the filtering of internet
> > traffic out from China. Our users in china have got alot of problems
> > connecting to our servers here to pop their emails and as a result, we
> > have to get a server up in a datacentre in china and setup ssh port
> > forwarding on the server in china. Here is the flow :
> > chinese users --> china server (high port. eg: 10000 depending on which
> > local server they are connecting to) --> ssh tunnel --> local server
> > (POP3 port)
> > The users in china will connect to our china server like this :
> > china.mail.domain.com:50000. Port 50000 is actually an ssh tunnel to our
> > local servers on port 110 here.
> > Problem is we do have a hugh number of servers and it will be hard to
> > keep track of the big number of ssh tunnels/ports opened up from china
> > to our local servers. Any of you know of any good application level
> > proxy that will redirect users based on the result of their dns records?
> > For example, users connecting to the china server running this proxy
> > will be redirected based on the IP address returned when the proxy do a
> > dig on mail.domain.com or mail2.domain.com and redirect them promptly to
> > port 110 of either mail.domain.com or mail2.domain.com depending on the
> > dig result being returned.
> > Any help will be greatly appreciated..!!!
> > -zhihao