search for: ext_ip1

...d SNAT. >> >> > >Hi Derek, > >I can only guess, because I don''t really understand the way you implemented >the SNAT (MASQ?)/Accept combination. > >But I think the correct way would be DNAT. Something like this in the rules >file: > >DNAT net:$EXT_IP1 loc:$INT_IP:PORT PROTO PORTS ORIG_DEST > >e.g.: >DNAT net:212.185.120.194 dmz:192.168.40.2 tcp http,https - 194.231.186.177 > >See the examples on top of the rules file and read FAQ30 >http://www.shorewall.net/FAQ.htm#faq30 > >HTH, >Alex > > > Apologies, I...

Hello all, I have shorewall setup with 3 SNAT entries for external IP address''s to a single IP internal address. I am wondering how to limit access based on the source IP address. ex. EXT IP 1 access only to port 25 EXT IP 2 access only to port 443 EXT IP 3 access only to port 80 I have the SNAT setup correctly and I have 3 accept line in the rules file (25,80,443) but I can hit