[Shorewall-users] Workaround to "Cannot delete a rule"

Tom Eastep teastep@shorewall.net
Wed, 8 May 2002 14:39:14 -0700 (PDT)

On Wed, 8 May 2002, Val Vechnyak wrote:

> Dear Tom,
> Thank you very much for all your help.  I started digging in your program 
> and found a workaround.  It works for me very well.  What I did is I created 
> my backup SNAT in masq file and regular in nat file.
> eth0
> This way shorewall creates two SNAT for me and only one (primary) DNAT.

Cool -- just be careful when installing a new version of Shorewall. I'll
try to remember to include a warning in the release notes if I change the
structure of the 'nat' table in the future. I tend to restructure the
chains from time to time in order to reduce the number of rules that each
packet must pass through.

> P.S. I dont know enought about iptables, but I am very determined.


