Hi, I need to port forward a number of external IPs to 1 server on a number of ports. At the moment I have: DNAT net loc:10.10.1.19 tcp 8 DNAT net loc:10.10.1.19 tcp 50 DNAT net loc:10.10.1.19 udp 123 DNAT net loc:10.10.1.19 udp 500 DNAT net loc:10.10.1.19 udp 4500 The IPs I want to allow connect to server are: 212.183.133.177 212.183.133.178 212.183.133.179 212.183.133.181 212.183.133.182 How can I set these. Thanks ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
On 09/12/2013 11:02 AM, PH wrote:> Hi, > > I need to port forward a number of external IPs to 1 server on a number of > ports. > At the moment I have: > > DNAT net loc:10.10.1.19 tcp 8 > DNAT net loc:10.10.1.19 tcp 50 > DNAT net loc:10.10.1.19 udp 123 > DNAT net loc:10.10.1.19 udp 500 > DNAT net loc:10.10.1.19 udp 4500 > > The IPs I want to allow connect to server are: > > 212.183.133.177 > 212.183.133.178 > 212.183.133.179 > 212.183.133.181 > 212.183.133.182 > > How can I set these. >Least amount of typing is: /etc/shorewall/params ALLOW=212.183.133.176/29!212.183.133.176,212.183.133.183 /etc/shorewall/rules DNAT net:$ALLOW loc:10.10.1.19 tcp 8 DNAT net:$ALLOW loc:10.10.1.19 tcp 50 DNAT net:$ALLOW loc:10.10.1.19 udp 123 DNAT net:$ALLOW loc:10.10.1.19 udp 500 DNAT net:$ALLOW loc:10.10.1.19 udp 4500 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
Thank you. That''s what I needed. -----Original Message----- From: Tom Eastep [mailto:teastep@shorewall.net] Sent: 12 September 2013 19:39 To: shorewall-users@lists.sourceforge.net Subject: Re: [Shorewall-users] DNAT On 09/12/2013 11:02 AM, PH wrote:> Hi, > > I need to port forward a number of external IPs to 1 server on a > number of ports. > At the moment I have: > > DNAT net loc:10.10.1.19 tcp 8 > DNAT net loc:10.10.1.19 tcp 50 > DNAT net loc:10.10.1.19 udp 123 > DNAT net loc:10.10.1.19 udp 500 > DNAT net loc:10.10.1.19 udp 4500 > > The IPs I want to allow connect to server are: > > 212.183.133.177 > 212.183.133.178 > 212.183.133.179 > 212.183.133.181 > 212.183.133.182 > > How can I set these. >Least amount of typing is: /etc/shorewall/params ALLOW=212.183.133.176/29!212.183.133.176,212.183.133.183 /etc/shorewall/rules DNAT net:$ALLOW loc:10.10.1.19 tcp 8 DNAT net:$ALLOW loc:10.10.1.19 tcp 50 DNAT net:$ALLOW loc:10.10.1.19 udp 123 DNAT net:$ALLOW loc:10.10.1.19 udp 500 DNAT net:$ALLOW loc:10.10.1.19 udp 4500 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk