Hi. I am using ndpi netfilter module.
I have multiple DNAT rules forwarding ports to external SOCKS proxy servers, like this:
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 13069 -j DNAT --to-destination 5.5.5.5:31029
I want to filter SMTP traffic. I added these rules:
iptables -A INPUT -m ndpi --proto smtp -j REJECT
iptables -A FORWARD -m ndpi --proto smtp -j REJECT
iptables -A OUTPUT -m ndpi --proto smtp -j REJECT #works for outgoing smtp connections from that server
iptables -t mangle -I PREROUTING -m ndpi --proto smtp -j DROP
iptables -t mangle -I OUTPUT -m ndpi --proto smtp -j DROP
iptables -t nat -I PREROUTING -p tcp -m ndpi --proto smtp -j REDIRECT --to-ports 666 #inexistent port, coz drop is not allowed in nat
iptables -t nat -I OUTPUT -p tcp -m ndpi --proto smtp -j REDIRECT --to-ports 666
But SMTP connections are still going through the SOCKS proxy servers. Can you please advise me how to filter SMTP traffic?
The scheme is: socks client -> my server -> dnat -> external server socks port
You cannot change NAT after a connection has been established.
DPI determines the protocol based on the contents of the packets. This means that the protocol will be determined after the connection is established.
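The timing described in the reply above, as an added toy model that is not part of the original thread and is not nDPI or kernel code: the nat table is consulted only for the first packet of a connection, which carries no payload, so a payload-based match there can never select the REDIRECT. The `classify` function and the sample packets are constructed stand-ins; the addresses and ports are the ones from the question.

```python
# Toy model of netfilter NAT timing vs. payload-based classification.
from dataclasses import dataclass

DNAT_TARGET = ("5.5.5.5", 31029)   # from the DNAT rule in the question
REDIRECT_PORT = 666                # from the REDIRECT rule in the question

@dataclass
class Packet:
    flow: tuple           # connection key; both directions share it in this model
    payload: bytes = b""

def classify(seen: bytes) -> str:
    """Constructed stand-in for a DPI engine: it needs payload bytes to decide."""
    if seen.startswith(b"220 ") or b"EHLO" in seen or b"HELO" in seen:
        return "smtp"
    return "unknown"

def nat_prerouting(proto: str):
    """nat/PREROUTING as in the question: the -I REDIRECT rule sits above the DNAT."""
    if proto == "smtp":            # -m ndpi --proto smtp -j REDIRECT --to-ports 666
        return ("local", REDIRECT_PORT)
    return DNAT_TARGET             # --dport 13069 -j DNAT --to-destination ...

def run(packets):
    """Return (classification, nat_consulted, destination) for each packet."""
    conntrack = {}                 # flow -> {"dst": NAT mapping, "seen": payload so far}
    trace = []
    for pkt in packets:
        entry = conntrack.get(pkt.flow)
        nat_consulted = entry is None
        if nat_consulted:
            # State NEW: the only time the nat table is traversed. The SYN has
            # no payload, so the protocol match sees "unknown" and DNAT is chosen.
            dst = nat_prerouting(classify(pkt.payload))
            entry = conntrack[pkt.flow] = {"dst": dst, "seen": b""}
        # Later packets reuse the stored mapping; nat rules are not re-evaluated.
        entry["seen"] += pkt.payload
        trace.append((classify(entry["seen"]), nat_consulted, entry["dst"]))
    return trace

# Constructed sample: one TCP connection to the forwarded port carrying SMTP.
FLOW = ("10.0.0.2", 40000, "192.0.2.1", 13069)
SAMPLE = [
    Packet(FLOW),                                 # SYN, no payload
    Packet(FLOW),                                 # handshake ACK, no payload
    Packet(FLOW, b"220 mail.example ESMTP\r\n"),  # server banner
    Packet(FLOW, b"EHLO client.example\r\n"),     # client greeting
]

if __name__ == "__main__":
    for row in run(SAMPLE):
        print(row)
```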