On Tue, 7 May 2002, Val Vechnyak wrote:
> 
> This is the related entry from nat file:
> 
> #EXTERNAL       INTERFACE       INTERNAL        ALL INTERFACES          
> LOCAL
> 65.211.35.209   eth0         192.168.1.151       no          no
> 65.211.35.209   eth0         192.168.1.30        no          no
> 
> Unfortunately my script does not work with shorewall because shorewall 
> creates two DNAT and two corresponding SNAT.  Of course two DNAT records 
> that point to different internal IPs does not work.
> 
> My question is what should I do here?  Is there any workaround.  I am new
to
> shorewall.
>
I quote from the Shorewall documentation AND from the comments at the top 
of /etc/shorewall/nat:
IMPORTANT: If all you want to do is forward ports to servers behind your
firewall, you do NOT want to use static NAT. Port forwarding can be
accomplished with simple entries in the rules file.
Your script assumes simple port forwarding is being used.
-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net