[Shorewall-users] Mixing static nat and port forwarding

Tom Eastep teastep@shorewall.net
Mon, 29 Apr 2002 10:27:19 -0700 (PDT)

On Mon, 29 Apr 2002, Malcolm Gray wrote:

> Is there a way to mix static NAT and port forwarding
> or is it only possible to use a rule to port forward
> other IPs?
> In my tests using
> ACCEPT         net loc: tcp http - all
> This worked if (from outside) I connected to the IP 
> address of the external interface but failed (package 
> went throught to Static NATed machine) for those IPs
> that used Static NAT.

Static NAT takes precedence over port forwarding.  

Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net