[Shorewall-newbies] nat works kinda

Raymond Norton admin at lctn.org
Wed Mar 3 14:31:55 PST 2004


I have a school tech that I am helping resolve a Nat problem. I know this is
not a desired setup, but he is doing a public to private Nat on his loc
zone. We cannot access any services via the public IP.

 This is what I have:

Nat file =     66.x.x.x    eth0    10.20.0.14    yes no ( have tried yes
yes, and leaving it blank)
.


I can ping the public IP from the net and the firewall.

I can bring up the web site of the server from the private  IP side, but not
from the net.

When I tail -f /var/log/messages it does not show any rejects or info when
trying to access port 80 on the public IP.


After a ping to the public IP from the net "shorewall show nat" displays:

pkts bytes target prot opt in out source destination
5 284 DNAT all -- * * 0.0.0.0/0 66.x.x.x to:10.20.0.14


Any ideas what I am missing?


Raymond


Raymond



More information about the Shorewall-newbies mailing list