search for: shorewallrule

...- and webservers, we are using DNAT to make this machines reachable from the internet. The firewall-machine is connected to the internet with two connections, one ADSL connection and one ISDN-link. So NAT only seems to work with the connection which is also the default gateway. Example: this is the shorewallrule for our web-server DNAT net loc:192.168.0.161 tcp www which works fine as the default gateway is the ADSL-link known to shorewall as net. But the rule DNAT isdn loc:192.168.0.161 tcp ssh won''t work, because it sends it''s answers out over the dsl-l...

...ars to be an address (IP or MAC) or the name of an ipset, then it is placed after the value in the macro body. Otherwise, it is placed before the value in the macro body. Example 1: /etc/shorewall/macro.foo: PARAM - 192.168.1.5 tcp http /etc/shorewallrules: foo/ACCEPT net loc Effective rule: ACCEPT net loc:192.168.1.5 tcp http Example 2: /etc/shorewall/macro.bar: PARAM net loc tcp http /etc/shorewall/rules: bar/ACCEPT -...