[Shorewall-users] Problem with local forwards

Tom Eastep teastep@shorewall.net
Wed, 23 Jan 2002 06:26:50 -0800


On Tuesday 22 January 2002 08:15 pm, Chris Freeze wrote:
> Using the FAQ Question #2, I've set up in my rules file this line, and I
> have noticed a potential problem.  With a line like this:
>
> ACCEPT  net     local:192.168.2.42  tcp     ssh,ftp,ftp-data,smtp,imaps,auth,http,https,domain  -  aa.bb.cc.dd
>
> Where aa.bb.cc.dd is my external address.  Local redirects don't work.  If
> I however have just the 'http' specified without all the other services the
> redirect works.  ie,
>
> ACCEPT  net     local:192.168.2.42  tcp     http  -  aa.bb.cc.dd
>
>
> Does the local redirect only bind to the first port listed?

The above rule should have nothing to do with local redirection so something
else is going on with your setup.

> Nothing else
> was changed in my experimenting.

Two questions.

a) Which version of Shorewall are you running?
b) How have you set up the local redirection (what does that rule look like)?

-Tom
--
Tom Eastep    \ A Firewall for Linux 2.4.*
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net