Doug White <[EMAIL PROTECTED]> writes: > Florin: > > I tried this, but maybe I am missing something. You mean like: > 172.16.96.0/19!172.16.96.151__172.16.96.152 > or is there a missing symbol in the email? I tried above and that is not > working > > I did learn that the masquerades are processed after the static nats so it > really shouldn't be necessary to exclude these if they are snatted > already, right? However, I would like to be able to do this so could you > clarify what __ means with an example? I also noticed in the shorewall > docs that they specified the subnet CIDR for each address: > 172.16.96.0/19!172.16.96.151/19,172.16.96.152/19
In the mnf frontend one cannot enter "," because this will be read like argument separation. So, if you type doug,white only doug will be considered and the white part will be lost. A "dirty" solution for this is to type doug__white in the frontend. So, in the web inteface you will always see doug__white but the backend will replace the __ with a , while creating the real file through the template ... so in your real configuration file you will find doug,white and this should work. Make sure you're using my last packages. Remark: the above only works in the firewall section (the /etc/shorewall configuration files that is ) let me know if this is still not clear enough ... > Is that necessary in MNF? > > Thanks > > Doug > > Florin wrote: > > >Doug White <[EMAIL PROTECTED]> writes: > > > > > >>I am trying to set up a DHCP component to a network with Beta 2. > >> > >>If I allow dhcp addresses, do I need to masquerade the interface to > >>allow the dhcp addresses on the interenet. I tried this using > >> > >>172.16.96.0/19!172.16.96.151,172.16.96.152 > >> > > > >you cannot use commas in the web frontend. I might add a code like __ and > > this will be translated into a comma in the backend ... > >>as the masq setup since I have several servers on that subnet that are > >>static nat (151 and 152). This causes major problems (errors when > >>shorewall tries to restart). > >> > > > > I presume you have something like the following: > > 172.16.96.0/19!172.16.96.151, > > > > > >which generates a shorewall error > > > > > >>Any thoughts. > >> > >>Secondly: > >> > >>Where are the files used to generate "rules" in /etc/shorewall/rules. > >> > >>It says to edit the template file but the template file is a script and > >>I couldn't figure out where the rules originate. I want a way to backup > >>just parts of the firewall (like the rules) without the entire > >>configuration backup. > >> > > > > > >/usr/share/naat/templates/etc are the templates and they use the variables > >from /var/lib/naat/configuration : RulesList in your case (be careful if > >you edit that by hand because it's a huge single line) :o) > > > > > >>I figured out a way to do this by editing the backup text file and > >>inserting the rules I want there but it would be easier to just copy in > >>the base files. > >> > > > >copy the RulesList line > > > > ------------------------------------------------------------------------ > > > >____________________________________________________ > > Want to buy your Pack or Services from MandrakeSoft? Go to > > http://www.mandrakestore.com > >Join the Club : http://www.mandrakeclub.com > >____________________________________________________ > > > > ____________________________________________________ > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com > Join the Club : http://www.mandrakeclub.com > ____________________________________________________ -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
