[Shorewall-users] REDIRECT after ACCEPT

Tom Eastep teastep at shorewall.net
Wed Mar 3 16:09:35 PST 2004


On Wednesday 03 March 2004 04:00 pm, Tom Eastep wrote:
> On Wednesday 03 March 2004 03:57 pm, Dominik Strnad wrote:
> > Thank you for right syntax.
> > But I am realy sad. :-( let me suppose that I am using 192.168.0.0/16
> > network and just few Ips are permited and due to this I have to list so
> > many
> > Subnets and / or hosts to redirect these which are not permited...
>
> Sorry

The only other thing that I can think of is:

In /etc/shorewall/rules:

REDIRECT	unh	80	tcp	...

In /etc/shorewall/start:

for address in <list of addresses that don't get redirected>; do
   run_iptables -t nat -I unh_dnat -s $address -p tcp --dport 80 -j RETURN
done

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-users mailing list