Please how do shorewall? -A PREROUTING -s 189.38.16.66 -d 187.50.185.60 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 10.100.1.2 -A POSTROUTING -s 10.100.0.0/255.255.0.0 -d 10.100.1.7 -p tcp -m tcp --dport 53 -j SNAT --to-source 10.100.1.254 -A POSTROUTING -s 10.100.0.0/255.255.0.0 -o eth0 -j MASQUERADE -A POSTROUTING -s 10.100.1.7 -o eth0 -p tcp -m tcp --sport 80 -j SNAT --to-source 187.50.185.60 ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
On 6/3/10 11:42 AM, Orlandinei Vujanski wrote:> Please how do shorewall? > > -A PREROUTING -s 189.38.16.66 -d 187.50.185.60 -p tcp -m tcp --dport > 3389 -j DNAT --to-destination 10.100.1.2/etc/shorewall/rules DNAT Z1:189.38.16.66 Z2:10:100.1.2 tcp 3389 - 187.50.185.60 Where Z1 is the zone containing 189.38.116.66 and Z2 is the zone containing 10.100.1.2> > -A POSTROUTING -s 10.100.0.0/255.255.0.0 -d 10.100.1.7 -p tcp -m tcp > --dport 53 -j SNAT --to-source 10.100.1.254/etc/shorewall/masq: ethX:10.100.1.7 10.100.0.0/16 10.100.1.254 tcp 53 Where ethX is the interface to 10.100.1.7> > -A POSTROUTING -s 10.100.0.0/255.255.0.0 -o eth0 -j MASQUERADE/etc/shorewall/masq: eth0 10.100.0.0/1> > -A POSTROUTING -s 10.100.1.7 -o eth0 -p tcp -m tcp --sport 80 -j > SNAT --to-source 187.50.185.60/etc/shorewall/masq: eth0 10.100.1.7 187.50.185.60 tcp - 80 Note: the above rule is very unlikely to do anything useful. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
Thanks. -----Mensagem original----- De: Tom Eastep [mailto:teastep@shorewall.net] Enviada em: quinta-feira, 3 de junho de 2010 20:15 Para: shorewall-users@lists.sourceforge.net Assunto: Re: [Shorewall-users] how do shorewall? On 6/3/10 11:42 AM, Orlandinei Vujanski wrote:> Please how do shorewall? > > -A PREROUTING -s 189.38.16.66 -d 187.50.185.60 -p tcp -m tcp --dport > 3389 -j DNAT --to-destination 10.100.1.2/etc/shorewall/rules DNAT Z1:189.38.16.66 Z2:10:100.1.2 tcp 3389 - 187.50.185.60 Where Z1 is the zone containing 189.38.116.66 and Z2 is the zone containing 10.100.1.2> > -A POSTROUTING -s 10.100.0.0/255.255.0.0 -d 10.100.1.7 -p tcp -m tcp > --dport 53 -j SNAT --to-source 10.100.1.254/etc/shorewall/masq: ethX:10.100.1.7 10.100.0.0/16 10.100.1.254 tcp 53 Where ethX is the interface to 10.100.1.7> > -A POSTROUTING -s 10.100.0.0/255.255.0.0 -o eth0 -j MASQUERADE/etc/shorewall/masq: eth0 10.100.0.0/1> > -A POSTROUTING -s 10.100.1.7 -o eth0 -p tcp -m tcp --sport 80 -j > SNAT --to-source 187.50.185.60/etc/shorewall/masq: eth0 10.100.1.7 187.50.185.60 tcp - 80 Note: the above rule is very unlikely to do anything useful. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
On 6/3/10 5:43 PM, Orlandinei Vujanski wrote:> > -----Mensagem original----- > De: Tom Eastep [mailto:teastep@shorewall.net]> /etc/shorewall/masq: > > eth0 10.100.0.0/1That should have been: eth0 10.100.0.0/16 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo