If I have a traditional 3-interface shorewall setup (as described in the
quickstart guides, for instance), and I have a server in the DMZ zone,
is it possible to use DNAT rules to port-forward connections from the
"loc" zone to the "dmz" zone? I''m thinking of a
line something like
this (in the "rules" file):
DNAT loc dmz:192.168.1.3 tcp 80 - 192.168.50.3
I can''t think of any reason why it wouldn''t, but I have never
seen an
example or anyone else''s config files that did something like this.
Also, assuming this does work, can I use DNAT from "loc" to
"dmz"
alongside the more traditional DNAT from "net" to "dmz"
rules, like this?
DNAT net dmz:192.168.1.3 tcp 80 - 66.60.10.54
Thanks for the help--I know this is probably a no-brainer, but I
couldn''t find an explicit answer, anywhere.
-Ryan
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache''s Geronimo App Server.
Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php