[Shorewall-users] "shorewall add" and hosts not exactly the same?

Tom Eastep teastep at shorewall.net
Sat May 3 09:38:03 PDT 2003

On Sat, 3 May 2003 16:28:13 +0100, Miguel Armas <kuko at maarmas.com> wrote:

> DNAT     pub!auth       fw: all    - - !

That rule is statically created at "shorewall [re]start" and is not changed 
when you add hosts to the 'auth' zone.

> So the code can handle DNAT rules to dynamically added hosts, but not the
> exception to DNAT rules??

That's correct.

> Maybe it should create a nonat table with the name of the zone (auth_nonat1)
> and add a RETURN rule to that table with the newly added host??
> Is it very complex to implement?

Let me give it some thought...

Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://www.shorewall.net
Washington USA  \ teastep at shorewall.net
