Joshua Penix
2002-Sep-05 22:15 UTC
[Shorewall-users] Can shorewall be configured to let Citrix g o thru
> -----Original Message----- > From: Luke Chong [mailto:lchong@edm.trlabs.ca] > Sent: Thursday, September 05, 2002 3:06 PM > To: shorewall-users@shorewall.net > Subject: [Shorewall-users] Can shorewall be configured to let > Citrix go > thru > > > Hi ALL: > > I am new to shorewall. Just a quick question about whether I can > configure shorewall to allow citrix to go thru? Thanks!Sure, just configure it to allow port 1604 (udp) and port 1494 (tcp) through to your Citrix box. In /etc/shorewall/rules, put something like: ACCEPT net loc:<ip.of.citrix> udp 1604 - <outside.ip> ACCEPT net loc:<ip.of.citrix> tcp 1494 - <outside.ip> --Josh
Tom Eastep
2002-Sep-11 14:39 UTC
[Shorewall-users] Can shorewall be configured to let Citrix g o thru
On Thursday 05 September 2002 03:15 pm, Joshua Penix wrote:> > -----Original Message----- > > From: Luke Chong [mailto:lchong@edm.trlabs.ca] > > Sent: Thursday, September 05, 2002 3:06 PM > > To: shorewall-users@shorewall.net > > Subject: [Shorewall-users] Can shorewall be configured to let > > Citrix go > > thru > > > > > > Hi ALL: > > > > I am new to shorewall. Just a quick question about whether I can > > configure shorewall to allow citrix to go thru? Thanks! > > Sure, just configure it to allow port 1604 (udp) and port 1494 (tcp) > through to your Citrix box. > > In /etc/shorewall/rules, put something like: > > ACCEPT net loc:<ip.of.citrix> udp 1604 - <outside.ip> > ACCEPT net loc:<ip.of.citrix> tcp 1494 - <outside.ip> >Or, using Shorewall 1.3 syntax: DNAT net loc:<ip.of.citrix> udp 1604 - <outside.ip> DNAT net loc:<ip.of.citrix> tcp 1494 - <outside.ip> -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
Luke Chong
2002-Sep-11 15:54 UTC
[Shorewall-users] Can shorewall be configured to let Citrix g o thru
Thanks Tom. But, I still cannot make it work. Will there be any problem regarding to routing or dns setting? On Wed, 11 Sep 2002, Tom Eastep wrote:> On Thursday 05 September 2002 03:15 pm, Joshua Penix wrote: > > > -----Original Message----- > > > From: Luke Chong [mailto:lchong@edm.trlabs.ca] > > > Sent: Thursday, September 05, 2002 3:06 PM > > > To: shorewall-users@shorewall.net > > > Subject: [Shorewall-users] Can shorewall be configured to let > > > Citrix go > > > thru > > > > > > > > > Hi ALL: > > > > > > I am new to shorewall. Just a quick question about whether I can > > > configure shorewall to allow citrix to go thru? Thanks! > > > > Sure, just configure it to allow port 1604 (udp) and port 1494 (tcp) > > through to your Citrix box. > > > > In /etc/shorewall/rules, put something like: > > > > ACCEPT net loc:<ip.of.citrix> udp 1604 - <outside.ip> > > ACCEPT net loc:<ip.of.citrix> tcp 1494 - <outside.ip> > > > > Or, using Shorewall 1.3 syntax: > > DNAT net loc:<ip.of.citrix> udp 1604 - <outside.ip> > DNAT net loc:<ip.of.citrix> tcp 1494 - <outside.ip> > > -Tom > -- > Tom Eastep \ Shorewall - iptables made easy > AIM: tmeastep \ http://www.shorewall.net > ICQ: #60745924 \ teastep@shorewall.net > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@shorewall.net > http://www.shorewall.net/mailman/listinfo/shorewall-users >_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ _/ Mr. Luke L. S. Chong Telecommunications Research Laboratories _/ _/ Computer Systems Administrator 800 Park Plaza, 10611 - 98 Ave _/ _/ Tel: (780) 441-3818 Edmonton, Alberta _/ _/ Fax: (780) 441-3600 Canada T5K 2P7 _/ _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Tom Eastep
2002-Sep-11 16:40 UTC
[Shorewall-users] Can shorewall be configured to let Citrix g o thru
On Wednesday 11 September 2002 08:54 am, Luke Chong wrote:> Thanks Tom. > > But, I still cannot make it work. Will there be any problem regarding to > routing or dns setting? >Shouldn''t be -- are you seeing any messages in "shorewall show log" when you try to connect? -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net