shacky wrote:> Hi.
>
> I''m configuring a Shorewall system with 3 zones (net, loc, dmz).
> To access to the dmz from the net I configured some DNAT rules like this:
>
> DNAT net dmz:192.168.2.1 tcp 22
>
> With this rules I opened only some ports.
>
> Now I''m thinking about the connection from loc to dmz.
> I want the dmz to be reached from the loc zone with the public IP
> address too (not only with 192.168.2.1, which is the private IP
> address of the server in the dmz zone), but I don''t understand
what
> technique I have to use.
> Please note that the public IP address is on the net zone, not on the loc
zone.
> Have I to use masq or DNAT?
>
> Please could you get me some ideas?
Please see Shorewall FAQ 2b (a.k.a FAQ 1d).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/