On Tue, 7 May 2002, Val Vechnyak wrote:
>
> This is the related entry from nat file:
>
> #EXTERNAL INTERFACE INTERNAL ALL INTERFACES
> LOCAL
> 65.211.35.209 eth0 192.168.1.151 no no
> 65.211.35.209 eth0 192.168.1.30 no no
>
> Unfortunately my script does not work with shorewall because shorewall
> creates two DNAT and two corresponding SNAT. Of course two DNAT records
> that point to different internal IPs does not work.
>
> My question is what should I do here? Is there any workaround. I am new
to
> shorewall.
>
I quote from the Shorewall documentation AND from the comments at the top
of /etc/shorewall/nat:
IMPORTANT: If all you want to do is forward ports to servers behind your
firewall, you do NOT want to use static NAT. Port forwarding can be
accomplished with simple entries in the rules file.
Your script assumes simple port forwarding is being used.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net