Re[2]: [Shorewall-users] MASQ !!

T.Q.Huy" < T.Q.Huy" <
Thu, 10 Jan 2002 13:05:28 -0800

Dear Tom,
I sorry for my explain unclear.I use masq in Shorewall .That is just
the command when i use iptables-save >> test.text to show.
I mean that i want to Masq with 1 interface that not be the
internet-interface .Can i ?
Because i did that masq my local-subnet to dmz-interface(eth1) which
have real-IP ,not internet-interface(eth0) which have unoffical-IP,it
can do with Shorewall ?

Best regards,

Wednesday, January 09, 2002, 9:05:22 PM, you wrote:

TE> On Thursday 10 January 2002 10:31 am, wrote:
>> Dear shorewall-users,
>>   My MASQ command is below:
>> iptables -A POSTROUTING -s -o eth3 -j MASQUERADE
>> And i want to only :
>> iptables -A POSTROUTING -s  -j MASQUERADE
>> Can i do it with Shorewall ?

TE> Why are you using iptables commands for MASQUERADE with Shorewall? You 
TE> specify masquerading in /etc/shorewall/masq and you can COMPLETELY control 
TE> which subnets get masqueraded to which interfaces using that file.

TE> -Tom