\_ SMTP quoth Lynn David Newton on 6/17/2003 13:28 as having spake thusly:
\_
\_ [snip since fixed]
\_
\_ D> or try
\_
\_ "Or"? Meaning back out the change above?
\_
\_ D> /sbin/iptables -t nat -A OUTPUT -d !127.0.0.1 -p tcp --dport 25 \
\_ D> -j DNAT --to-destination smtp.west.cox.net
\_
\_ That gives me an error message:
\_
\_ iptables v1.2.6a: Bad IP address `smtp.west.cox.net'
\_
\_ Going way out on a limb here, I tried this:
\_
\_ nslookup smtp.west.cox.net
\_ ... blah blah ...
\_ 68.6.18.4
yah.
\_ Then
\_
\_ /sbin/iptables -t nat -A OUTPUT -d !127.0.0.1 -p tcp --dport 25 -j DNAT
\_ --to-destination 68.6.19.4
\_
\_ which gives me the error:
\_
\_ iptables v1.2.6a: host/network `!127.0.0.1' not found
Err... I suspect bad whitespace or command formatting.
! -d 127.0.0.1
or
-d ! 127.0.0.1 # my voten
\_ "Something with dig and xargs", eh? Well, well. I certainly
\_ Know xargs, and am familiar with dig but don't know what to do to use the
\_ output of dig to send it to xargs to send it to something that iptables
\_ might be able to grok. At least not without probably bringing my system off
\_ the net for the next three weeks at the same time.
dig smtp.west.cox.net | dwim-filter.pl | xargs .... iptables ...
I overlooked mentioning that you probably wanted to filter the results
first. That was left as an exercise for the reader. :-)
\_ I live
\_ behind a router, and have never had to deal with
\_ iptables.
No time like the present to install anothe layer of security. :-)
\_ D> The !127.1 allows for local procmail and fetchmail
\_ D> to work as you might expect.
\_
\_ Both of which I use. But what !127.1 are you talking
\_ about? All I see above is !127.0.0.1. Is that an
\_ equivalent syntax? Somehow I've never known that
\_ before.
127.1 is shorthand for 127.0.0.1 and works equivalently many places.
David
(text/plain)