Hello, shorewall-users. Can somebody explain me, how I can write in rules of shorewall such rules of iptables: local_ip_range="10.1.1.0/24" internet_ip="x.x.x.x" echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t mangle -A FORWARD -j MARK --set-mark 0x1 iptables -A FORWARD -j ULOG --ulog-nlgroup 1 --ulog-cprange 48 --ulog-qthreshold 50 --ulog-prefix "FORWARD" iptables -t nat -A POSTROUTING -s $local_ip_range -o eth1 -j SNAT --to-source $internet_ip iptables -A INPUT -p TCP -s 10.1.1.1 --dport 1723 -j ACCEPT iptables A INPUT -p 47 -s 10.1.1.1 -j ACCEPT Best regards, Rishat mailto:trr@mail.ru ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Hello, shorewall-users. Can somebody explain me, how I can write in rules of shorewall such rules of iptables: local_ip_range="10.1.1.0/24" internet_ip="x.x.x.x" echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t mangle -A FORWARD -j MARK --set-mark 0x1 iptables -A FORWARD -j ULOG --ulog-nlgroup 1 --ulog-cprange 48 --ulog-qthreshold 50 --ulog-prefix "FORWARD" iptables -t nat -A POSTROUTING -s $local_ip_range -o eth1 -j SNAT --to-source $internet_ip iptables -A INPUT -p TCP -s 10.1.1.1 --dport 1723 -j ACCEPT iptables A INPUT -p 47 -s 10.1.1.1 -j ACCEPT Best regards, Rishat mailto:trr@mail.ru ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
òÉÛÁÔ ôÅÒÅÇÕÌÏ× wrote:> Hello, shorewall-users. > Can somebody explain me, how I can write in rules of shorewall such rules of iptables:Asking the same thing again won''t get you a better response. Try reading the quick start guide [1] and then if you can''t figure out what you need to know from that, ask a more specific question. Paul <http://paulgear.webhop.net> [1] http://shorewall.net/shorewall_quickstart_guide.htm -- Did you know? If you receive a virus warning from a friend and not through a virus software vendor, it''s likely to be a hoax. See <http://gear.dyndns.org:81/features/virus_hoaxes> for more info. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV