[Shorewall-users] DNAT help

Roy Barkas rbarkas@usa.net
Wed, 3 Jul 2002 18:47:41 +1000

I'm having trouble making DNAT work the way I think it should.  I'm
using Shorewall 1.2 and iptables

What I need to do is forward udp port 500 packets addressed to the
firewall machine from the net to a machine behind the firewall.

I have NAT_ENABLED set to "yes"

I am masquerading the machine that I want to forward the incoming
packets to.

I have the following statement in /etc/shorewall/rules:

DNAT net: wep: udp 500

	   ^^the source machine	     ^^my destination behind the

"wep" and "net" are defined in my interfaces file and work fine for
everything else.

I get the following message upon doing a shorewall start:

Error: Invalid Target in rule "DNAT net: wep:
udp 500"


Roy Barkas