search for: detect_dnat_addrs

...terface and /etc/ shorewall/hosts files. This new file makes remote firewall administration easier by allowing any IP or subnet to be enabled while Shorewall is stopped. 2. An /etc/shorewall/stopped extension script has been added. This script is invoked after Shorewall has stopped. 3. A DETECT_DNAT_ADDRS option has been added to /etc/shoreall/shorewall.conf. When this option is selected, DNAT rules only apply when the destination address is the external interface''s primary IP address. 4. The QuickStart Guide has been broken into three guides and has been almost entirely rewrit...

# shorewall version 3.2.1 SNAT is enabled. Setting up DNAT to do port forwarding -- this example looked exactly like what I wanted: (FAQ 1c) From the internet, I want to connect to port 1022 on my firewall and have the firewall forward the connection to port 22 on local system 192.168.1.3. How do I do that? In /etc/shorewall/rules: #ACTION SOURCE DEST PROTO DEST PORT

Hello all, Running the "ancient" 1.4.7-RC1 version I have a problem with port forwarding. I have for a number of external fixed IP addresses forwarding to an internal terminal server - this works :-) DNAT net:111.22.33.44 loc:192.168.1.11 tcp 3389 DNAT net:222.33.44.55 loc:192.168.1.11 tcp 3389 Now I need to forward port 80 from one external address to an

Dear All, Firstly, thank you very much - shorewall is great. I''m not a member of this list, and please forgive me if I am suggesting something stupid, but the following occurs to me, and I thought it might be useful. Why no make it possible to specify zones as well as interfaces in the /etc/shorewall/masq file ? Eg: instead of: eth0 eth1 one might write: net loc (or masq in