similar to: DNAT question

https://bugzilla.netfilter.org/show_bug.cgi?id=850 Summary: DNAT applied even after deleting the IP Tables DNAT Rule Product: iptables Version: 1.4.x Platform: All OS/Version: All Status: NEW Severity: major Priority: P5 Component: iptables AssignedTo: netfilter-buglog at

Hi all, net : internet zone dmz : DMZ zone Lan : local network zone in 1.4.6c this rule : DNAT all lan:10.0.0.1 tcp http - 192.0.0.1 does generate the following iptables rules in nat table : Chain OUTPOUT DNAT tcp -- 0.0.0.0/0 192.0.0.1 tcp dpt:http to:10.0.0.1 Chain net_dnat DNAT tcp -- 0.0.0.0/0 192.0.0.1 tcp dpt:http to:10.0.0.1 Chain dmz_dnat

Hi, The private adresses (192.168.254.0/255.255.255.0) of my network are sent dynamically by dhcp on my network. The dhcp server is on the firewall which address is 192.168.254.1/255.255.255.255 (this address is static). I''ve got a rsync server on this network which is on a separe server. His address is 192.168.254.200/255.255.255.255 (this address is static). I want that the users

I have been trying to get DNAT to work and I actually have succeeded too, however, not how I thought it would work when reading through the documentation. 1. No matter what I do I cannot get DNAT to work unless I have an entry in eiter the nat or the proxyarp file. Is that really how it''s supposed to be? I can''t find anything about it in the documentation. 2. Also, in the

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=471 Summary: UDP stream DNAT problem Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: NAT AssignedTo: laforge@netfilter.org ReportedBy:

https://bugzilla.netfilter.org/show_bug.cgi?id=1423 Bug ID: 1423 Summary: iptables-translate silently discards --ctstate DNAT Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: iptables over nftable

Hi, i''m a shorewall users and i have the following problem: I have one class C range of IP''s and i have three zones (net, dmz , loc) I need create one rule to dnat one valid ip address (but not in use in one computer) to one invalid host in my loc zone. How i do? I try this: DNAT net:200.200.200.200 dmz:200.193.137.38 tcp 137,138,139,445 -

I need to access externally (via Internet) one device in internal network which has no default gateway configured. As the device doesn''t have default gateway, the response to SYN (ie, SYN/ACK) don''t come back to Internet. What I need is a setup to make this connection appears to come from firewall''s internal IP address instead of the public IP of originating requester

https://bugzilla.netfilter.org/show_bug.cgi?id=1056 Bug ID: 1056 Summary: nft: Syntax error with dnat as ct state Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1160 Bug ID: 1160 Summary: dnat ip address not shown in nft list output when using port value Product: nftables Version: unspecified Hardware: x86_64 OS: Fedora Status: NEW Severity: normal Priority: P5 Component: nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1428 Bug ID: 1428 Summary: Unable to dnat to port without defining destination address in inet table Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component:

Hi, after kernel upgrade to 2.4.23 my existing configuration of shorewal 1.4.8 will not start / it fail on DNAT and/or masq with message: "iptables: Invalid argument" / I founded some similar problems description - see links bellow, but there is no solution how to get work shorewall with DNAT and masq with 2.4.23 kernel. http://www.ussg.iu.edu/hypermail/linux/kernel/0312.0/0268.html

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=452 Summary: DNAT to internal network don't work with source routing and 2 uplinks Product: netfilter/iptables Version: linux-2.6.x Platform: i386 OS/Version: Debian GNU/Linux Status: NEW Severity: normal Priority: P2

I have a pretty straightforward shorewall (v 2.0.12) setup in my Phoenix office. IP addresses on the firewall eth0 172.16.10.249 eth1 12.47.198.100 eth1:1 12.47.198.108 eth1:2 12.47.198.101 eth2 172.16.11.249 interfaces: loc eth0 detect net eth1 detect blacklist dmz eth2 detect vpn1 tun1 192.168.124.255 zones net Net

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=552 Summary: Strange DNAT behaviour... packet don't pass to PREROUTING and go directly in INPUT !! Product: netfilter/iptables Version: linux-2.6.x Platform: i386 OS/Version: All Status: NEW Severity: critical Priority: P2

http://bugzilla.netfilter.org/show_bug.cgi?id=763 Summary: dnat and snat not changing port numbers on sctp packets Product: netfilter/iptables Version: linux-2.6.x Platform: x86_64 OS/Version: RedHat Linux Status: NEW Severity: normal Priority: P3 Component: NAT AssignedTo: netfilter-buglog at

https://bugzilla.netfilter.org/show_bug.cgi?id=1134 Bug ID: 1134 Summary: snat and dnat should accept mapping concatenated values for address and port Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5

Hi All, I use rather old Shorewall 3.2.6 and I know it''s no longer supported. I haven''t been updating the software because it works as intended until now. The problem is a simple DNAT rule. I actually have around 8 DNAT rules and they all work just fine. Here is what I want to achieve. I have a SMTP server in my LAN (lets say address 192.168.1.10). The SMTP daemon listens on

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall (i.e - its ip address - 1.2.3.4/29) to the internet ip

Hi all in the ShoreWall community, [please CC me since I''m not on the list] I had been using FIAIF for a little while, and the setup of ShoreWall has been much easier, the config for each operation in one place, and I''m very happy with it. That said, it looks like one of the concepts could be taken a bit further. In this case, it is actions. To get the process started, I