On Fri, 21 Jun 2002, Dragon Wood wrote: > Yes it worked! Thank you very much Phillip. > > By the way, I put the suggested iptables command in > /etc/shorewall/start like so: > > run_iptables -t nat -A POSTROUTING -o eth1 -j SNAT > --to-source 172.16.100.1
In /etc/shorewall/masq: eth1 0.0.0.0/0 172.16.100.1 I suspect that you really want to restrict the SNAT to connections from a subnet or list of subnets: eth1 <subnet1> 172.16.100.1 eth1 <subnet2> 172.16.100.1 ... -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
