On Wednesday 06 April 2011 22:55:41 Tom Eastep wrote: > On 4/6/11 1:39 PM, Steven Jan Springl wrote: > > The attached minimal config. generates the following nat table rules: > > > > *nat > > > > :PREROUTING ACCEPT [0:0] > > :OUTPUT ACCEPT [0:0] > > :POSTROUTING ACCEPT [0:0] > > :dnat - [0:0] > > :net_dnat - [0:0] > > > > -A dnat -j net_dnat > > -A net_dnat -p 6 --dport 1234 -j REDIRECT --to-port 22 > > COMMIT > > > > In the above rules the dnat chain is unreferenced. > > > > If 'physical=+' is removed from eth0 in the interfaces file or it is > > changed to vaule other than '+' then a jump to the dnat chain from the > > PREROUTING chain is generated. > > Steven, > > The attached patch seems to correct this problem. > > -Tom
Tom Confirmed, the patch fixes the problem. Thanks. Steven. ------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
