I'm trying to redirect port 24 to 25 for a single IP. My rules file line is:
DNAT loc dmz:10.10.1.1:25 tcp 24 - 10.10.1.1 It appears that this rule is useless because the original destination IP matches the destination IP. Leaving off the - 10.10.1.1 portion does redirect all tcp traffic from loc destined for port 24 as expected. However, I would still like to have it dropped unless destined for this particular host. The value (Yes/No) of DETECT_DNAT_IPADDRS in shorewall.conf seems to have no effect one way or the other. For now, I've come up with this work around: DNAT loc dmz:66.114.159.164 tcp 24 - 10.10.1.1 I did have this working in an older version of Shorewall that did not include DNAT rules. Is there a way to do what I want? Is this a bug, known issue, or by design with the current version? ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
