Shorewall users - Apr 2004 - net->loc traffic, routeback

Hi all,
I have this lines in rules
DNAT  net    loc:192.168.5.1:25    tcp    25
DNAT  loc    loc:192.168.5.1         tcp    25  -
199.250.138.102:192.168.5.254
where
external interface 199.250.138.102
internal  interface 192.168.5.254
routeback option in interfaces
as in FAQ#2 :
 all loc->loc traffic will look to the server as if it came from the
firewall rather than from the original client! That''s O.K.
-----
the trouble is that net ->loc traffic looks the same.

Can I have net->loc as if it came from the original IP address ?
Thanks
Petr Novak



---
Odchozí zpráva neobsahuje viry.
Zkontrolováno antivirovým systémem AVG (http://www.grisoft.cz).
Verze: 6.0.665 / Virová báze: 428 - datum vydání: 21.4.2004

Petr Novák wrote:
> Hi all,
> I have this lines in rules
> DNAT  net    loc:192.168.5.1:25    tcp    25
> DNAT  loc    loc:192.168.5.1         tcp    25  -
> 199.250.138.102:192.168.5.254
> where
> external interface 199.250.138.102
> internal  interface 192.168.5.254
> routeback option in interfaces
> as in FAQ#2 :
>  all loc->loc traffic will look to the server as if it came from the
> firewall rather than from the original client! That''s O.K.
> -----
> the trouble is that net ->loc traffic looks the same.
> 
> Can I have net->loc as if it came from the original IP address ?
Try changing your second rule to:

DNAT  loc:192.168.5.0/24 loc:192.168.5.1 ...

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net