"Charlie Brady" <[EMAIL PROTECTED]> wrote:
>
> On Sat, 31 Mar 2001, Darrell May wrote:
>
> >
> > /sbin/ipchains -I input -p tcp --destination-port 1494 -j ACCEPT
> > /sbin/ipchains -I input -p udp --destination-port 1604 -j ACCEPT
> >
> > /usr/sbin/ipmasqadm portfw -a -P tcp -L $OUTERNET 1494 -R $CITRIX 1494
> > /usr/sbin/ipmasqadm portfw -a -P udp -L $OUTERNET 1604 -R $CITRIX 1604
>
> I had a look at this today too, Darrell. What you've written here pretty
> much matches with my understanding of what is required. One or two things
> I'd add, however.
>
> You will need:
>
> /usr/sbin/ipmasqadm portfw -f
My understanding of the -f command is that it flushes the ruleset, wouldnt
this erase any previous forwarding rules that may be added in the future.
Rob.
