Hello All, I have a doubt about converting some iptables rules to shorewall, I have a setup with $FW, loc, net in my rules file I want to implement the following rule to use with IMSpector, I tried find something equivalent but no luck... iptables -t nat -A OUTPUT -p tcp --destination-port 1863 -m owner --uid-owner 100 -j REDIRECT --to-ports 16667 So if anyone can help I will be grateful!!! Best regards, Arnaldo Giacomitti Junior ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d
On Wed, 2012-02-01 at 16:58 -0200, Arnaldo Giacomitti Junior wrote:> Hello All, > > > I have a doubt about converting some iptables rules to shorewall, I > have a setup with $FW, loc, net in my rules file I want to implement > the following rule to use with IMSpector, I tried find something > equivalent but no luck... > > > iptables -t nat -A OUTPUT -p tcp --destination-port 1863 -m owner > --uid-owner 100 -j REDIRECT --to-ports 16667 > > > So if anyone can help I will be grateful!!!In /etc/shorewall/rules: #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ # PORT(S) PORT(S) DEST LIMIT GROUP REDIRECT- $FW 16667 tcp 1863 - - - 100 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d
Thanks Tom!
Also I can use:
REDIRECT- $FW:192.168.0.232 16667 tcp 1863 - -
- 100
For just redirect one machine????
Best regards,
Arnaldo.
On Wed, Feb 1, 2012 at 18:52, Tom Eastep <teastep@shorewall.net> wrote:
> On Wed, 2012-02-01 at 16:58 -0200, Arnaldo Giacomitti Junior wrote:
> > Hello All,
> >
> >
> > I have a doubt about converting some iptables rules to shorewall, I
> > have a setup with $FW, loc, net in my rules file I want to implement
> > the following rule to use with IMSpector, I tried find something
> > equivalent but no luck...
> >
> >
> > iptables -t nat -A OUTPUT -p tcp --destination-port 1863 -m owner
> > --uid-owner 100 -j REDIRECT --to-ports 16667
> >
> >
> > So if anyone can help I will be grateful!!!
>
> In /etc/shorewall/rules:
>
> #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL
> RATE USER/
> # PORT(S) PORT(S) DEST
> LIMIT GROUP
> REDIRECT- $FW 16667 tcp 1863 - -
> - 100
>
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
>
>
>
------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
On Thu, 2012-02-02 at 12:59 -0200, Arnaldo Giacomitti Junior wrote:> Also I can use: > > > REDIRECT- $FW:192.168.0.232 16667 tcp 1863 - - - 100 >To redirect only traffic addressed *to* 192.168.0.232, you would use: #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ # PORT(S) PORT(S) DEST LIMIT GROUP REDIRECT- $FW 16667 tcp 1863 - 192.168.0.232 - 100 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d