Tom Eastep wrote: > Dirk Nehring wrote: >> Hi, >> >> I think I have found a small bug. The following line works >> >> DNAT net:1.2.3.4 loc:192.168.1.100:22 tcp 10022 >> >> and this does not work >> >> DNAT net:1.2.3.4 loc:192.168.1.100:ssh tcp 10022 >> >> It seem that shorewall does not accept service-names in the >> dnat-destination. > > From 'man shorewall-rules': > > The port number MUST be specified as an integer and not as a > name from services(5).
Seems like a limitation that would be fairly straightforward to work around in shorewall-perl... (Note to Tom: that is not a request to implement it in the next 15 minutes. ;-) -- Paul <http://paul.gear.dyndns.org> -- Did you know? Using Microsoft Internet Explorer can make your computer less secure. Find out more at <http://browsehappy.com>.
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
