Re: [Shorewall-users] MASQ !!
Thu, 10 Jan 2002 13:05:28 -0800
I sorry for my explain unclear.I use masq in Shorewall .That is just
the command when i use iptables-save >> test.text to show.
I mean that i want to Masq with 1 interface that not be the
internet-interface .Can i ?
Because i did that masq my local-subnet to dmz-interface(eth1) which
have real-IP ,not internet-interface(eth0) which have unoffical-IP,it
can do with Shorewall ?
Wednesday, January 09, 2002, 9:05:22 PM, you wrote:
TE> On Thursday 10 January 2002 10:31 am, email@example.com wrote:
>> Dear shorewall-users,
>> My MASQ command is below:
>> iptables -A POSTROUTING -s 10.20.1.0/255.255.255.0 -o eth3 -j MASQUERADE
>> And i want to only :
>> iptables -A POSTROUTING -s 10.20.1.0/255.255.255.0 -j MASQUERADE
>> Can i do it with Shorewall ?
TE> Why are you using iptables commands for MASQUERADE with Shorewall? You
TE> specify masquerading in /etc/shorewall/masq and you can COMPLETELY control
TE> which subnets get masqueraded to which interfaces using that file.