[Shorewall-users] Masq All Except

Tom Eastep teastep at shorewall.net
Thu Sep 30 10:32:05 PDT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gary Buckmaster wrote:
> My firewall is also performing mail proxying for the protected
> subnet(s).  Is it possible to specify in the Masq rulesets to not
> masquerade connections bound for specific ports?  If I want to force
> outbound connections to speak to the firewall's port 25, is that to be
> done via Masq or am I doing things incorrectly?
>

You don't need any address rewriting for that. You will have two
separate connections:

loc->fw
fw->net

- -Tom
- --
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBXEMVO/MAbZfjDLIRAu/oAJoDA1KcFWANTPM8Hqyz3B0LpYF4xACgn+hI
Ec7w/ewudRW3N2GBvY1o4XQ=
=z9U2
-----END PGP SIGNATURE-----


More information about the Shorewall-users mailing list