[Shorewall-newbies] Dual DNAT and SNAT ?

Tom Eastep teastep at shorewall.net
Sat Jan 3 15:09:56 PST 2004


On Saturday 03 January 2004 09:19 am, Niels Kristian Jensen wrote:

>
> and added this to the "masq" file:
>
> eth0:4		192.168.2.11/32		194.192.161.164
>
>
> I guess that the setup will lead to any contact originating on akela to
> the "net" will seem to come from 194.192.161.164 ?
>

Yes:

>
> I use the /32 subnet to single out this one server because I also have
> two more servers:
>
> eth0:5		192.168.2.165/32	194.192.161.165
> eth0:6		192.168.2.112/32	194.192.161.166
>
>
>
> So the questions:
>
> 1) Will it work as I describe it?

Yes.

>
> 2) Can I somehow make connections originating on akela for domain ports
> only SNAT to 194.192.161.168 ?

Not using standard Shorewall facilities.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-newbies mailing list