[Shorewall-users] Is this possible with shorewall?

Eduardo Ferreira duda at icatu.com.br
Mon Dec 1 14:48:20 PST 2003


oh, my! oh, my!  repeat 100 times: I will read the documentation next 
time. I will read the documentation next time [... snip ...]

[ no joke mode:]
What happened was that I was just looking to the nat file, because, with 
that name, it narrowed my view... I just didn't look around...

thanks a lot!

Eduardo 

shorewall-users-bounces+duda=icatu.com.br at lists.shorewall.net wrote on 
01/12/2003 14:01:16:

> On Mon, 2003-12-01 at 07:47, Eduardo Ferreira wrote:
> > I'm doing this with a couple of iptable commands that needs to 
> > be issued in the start script:
> > 
> > run_iptables -t nat -I POSTROUTING -s 10.1.20.1 -d 172.21.4.1 -j SNAT 
> > --to-source 172.21.4.51
> > run_iptables -t nat -I PREROUTING -s 172.21.4.1 -d 172.21.4.51 -j DNAT 

> > --to-destination 10.1.20.1
> > 
> > is there a way of doing this using the configuration files? 
> 
> /etc/shorewall/masq:
> 
> <if1>:172.21.4.1   10.1.20.1   172.21.4.51
> 
> /etc/shorewall/rules:
> 
> DNAT   <z1>:172.21.4.1   <z2>:10.1.20.1   all   -   -   172.21.4.51
> 
> -Tom 
> -- 
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep at shorewall.net
> 
> 
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users at lists.shorewall.net
> Subscribe/Unsubscribe: https://lists.shorewall.
> net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm



More information about the Shorewall-users mailing list