[Shorewall-newbies] DNAT stops working.
Kim Pedersen
kp at thuka.dk
Tue Mar 9 05:49:39 PST 2004
Hello,
I have installed the Shorewall package, and I have configured it
according to the "I have multiple public IPs" howto. I can get everything
working, including my DNAT rules.
However, after a while the DNAT rules stop working. Restarting shorewall
simply will not help this situation.
Trying to issue the shorewall show nat command will correctly tell me
that I have indeed installed the DNAT rules. One-to-one NAT to these
servers works perfectly, all the time, as far as
I can tell. As mentioned, I have several public IPs and a couple of DMZ
zones. I have included the relevant DNAT rules in the mail.
I hope someone can give me some information on what I am doing wrong.
System is Slackware 9.1 with kernel 2.4.22.
Shorewall is version 1.4.10c (I have the same problem with the 1.3
branch).
The DNAT rules in question:
DNAT net dmz:192.168.4.51 tcp 25 - 80.199.89.123
DNAT net dmz:192.168.4.211 tcp 80 - 80.199.89.124
Sometimes this works, other times it doesn't... What am I doing wrong?
Tcpdumping gives me no other info than that I am receiving the packets on the
internet interface, but they are never forwarded to the hosts on the
inside.
Sincerely,
Kim Pedersen