k.mihoubi@libertysurf.fr
2003-Jun-16 09:32 UTC
[Shorewall-users] Need help doing automatic static Nat
Hi, I use shorewall as I find it is very clear for understanding rules and ip filters. I need to do such a static NAT : DNAT lan:10.0.0.1 tcp all lan2:192.168.1.1 DNAT lan:10.0.0.2 tcp all lan2:192.168.1.2 DNAT lan:10.0.0.3 tcp all lan2:192.168.1.3 DNAT lan:10.0.0.4 tcp all lan2:192.168.1.4 DNAT lan:10.0.0.5 tcp all lan2:192.168.1.5 DNAT lan:10.0.0.6 tcp all lan2:192.168.1.6 ... DNAT lan:10.0.0.254 tcp all lan2:192.168.1.254 Is there an automatic way to do this without writing 255 rules !!! I would very happy to have a solution, as soon as I will need to implement such rules quickly... Stay available for more informations Regards, Karim Mihoubi Linux Admin ********** SPECIAL ADSL ********** L''ADSL ? partir de 15,95 EUR/mois et le modem ADSL offert ? C''est en exclusivit? chez Tiscali ! Pour profiter de cette offre, cliquez ici: http://register.tiscali.fr/adsl/ Offre soumise ? conditions.
On Mon, 2003-06-16 at 09:32, k.mihoubi@libertysurf.fr wrote:> Hi, > > I use shorewall as I find it is very clear for understanding rules and ip filters. > > I need to do such a static NAT : > > DNAT lan:10.0.0.1 tcp all lan2:192.168.1.1 > DNAT lan:10.0.0.2 tcp all lan2:192.168.1.2 > DNAT lan:10.0.0.3 tcp all lan2:192.168.1.3 > DNAT lan:10.0.0.4 tcp all lan2:192.168.1.4 > DNAT lan:10.0.0.5 tcp all lan2:192.168.1.5 > DNAT lan:10.0.0.6 tcp all lan2:192.168.1.6 > ... > DNAT lan:10.0.0.254 tcp all lan2:192.168.1.254 > > Is there an automatic way to do this without writing 255 rules !!! >Not using standard kernels. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
On Mon, 2003-06-16 at 14:23, Tom Eastep wrote:> > You might also want to consider using static NAT....As defined in the file /etc/shorewall/nat. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net