# exim is replying to. I don't know why.
#iptables -t mangle -A OUTPUT -m owner --uid-owner Debian-exim -j MARK --set-mark 0x1
+# match source or dest port. when we send to 25, it picks a random high port as
+# the source.
-e iptables -t mangle $iptables_op OUTPUT -m tcp -p tcp -m multiport --sports 25 -j MARK --set-mark 0x1
+for port in 25 993; do # smtp and imap with ssl.
+e iptables -t mangle $iptables_op OUTPUT -m tcp -p tcp -m multiport --ports $port -j MARK --set-mark 0x1
+done
e iptables -t nat $iptables_op POSTROUTING -o tun0 -m mark --mark 0x1 -j SNAT --to-source 10.8.0.4
e ip rule $ip_op fwmark 1 table 1
# note, this rule does not persist when the tun interface is deleted
iankelling.org / git / distro-setup / blobdiff