spoofing with iptables
I'm trying to do some tricky spoofing using iptables and have had some issues. I have a /27 subnet populated by a dozen or so servers, and I want outbound mail from one machine on my subnet to appear to originate from another machine on the same subnet. I've been trying to craft a rule something like:
iptables -t nat -A POSTROUTING -o eth0 -s $SRCHOST -p tcp --dport 25 -j SNAT --to xxx.xxx.xxx.220
where $SRCHOST has the IP xxx.xxx.xxx.216.
I'm trying to accomplish this because I'm working with a company that assists in email delivery, and they want to associate all mail sent for a domain with a single IP address. Since my web and mail servers are separate and I don't want to add to the load by adding a relay, I wanted to try and use iptables to spoof the webserver IP.
Am I barking up the wrong tree?