Hello I have a question, How ca I do specify I want Dinamyc NAT only for a
specific destination
-----------
LAN | | Not secure Net
-------------| FW |-----------------------------------
|Shorewall| | |
----------- | |
| |
------------ ------------
| | | |
| DST1 | | DST2 |
| | | |
----------- -----------
For example I want make NAT if packet destination is DST1 (network or PC) but
not if destination is DST2.
Thanks on advance.
Domingo Perez wrote:> Hello I have a question, How ca I do specify I want Dinamyc NAT only for a specific destination > ----------- > LAN | | Not secure Net > -------------| FW |----------------------------------- > |Shorewall| | | > ----------- | | > | | > ------------ ------------ > | | | | > | DST1 | | DST2 | > | | | | > ----------- ----------- > > > For example I want make NAT if packet destination is DST1 (network or PC) but not if destination is DST2.I guessing that what you want is Source NAT (you want to change the apparent source address)? If so, in /etc/shorewall/masq (assume that eth0 interfaces to your "Not secure Net" and eth1 interfaces to your LAN): eth0:<DST1 IP> eth1 <source IP to use> eth0:<DST2 IP> eth1 <source IP to use> Be sure that those entries are *before* any blanket SNAT/MASQUERADE entry in the file. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Seemingly Similar Threads
- rsync problem
- RFC: [GlobalISel] Towards a generic MI combiner framework
- RFC: [GlobalISel] Towards a generic MI combiner framework
- [LLVMdev] Initial thoughts on an LLVM backend for N-address generic assembly
- Resend: assertion in MachineCopyPropagation::isNopCopy