On Monday 25 Feb 2013 23:30:00 Tom Eastep wrote: > On 02/25/2013 02:40 PM, Steven Jan Springl wrote: > > I have applied both patches. > > > > When I use the corrected snat entry with 'tcp' appended: > > > > eth0 2001:1::/56 [2001:470:a:227::2]-[2001:470:a:227::10]:1000-1010 > > tcp > > > > I get the following error message: > > > > ERROR: The separator for a port range is ':', not '-' (1000-1010) > > /etc/shorewall6A1/snat (line 10) > > > > When I change the snat entry as indicated in the above message to: > > > > eth0 2001:1::/56 [2001:470:a:227::2]-[2001:470:a:227::10]:1000:1010 > > tcp > > > > I get the following error message: > > > > ERROR: Invalid IPv6 Address > > ([2001:470:a:227::2]-[2001:470:a:227::10]:1000) /etc/shorewall6A1/snat > > (line 10) > > > > If I specify just one port: > > > > eth0 2001:1::/56 [2001:470:a:227::2]-[2001:470:a:227::10]:1000 tcp > > > > The following ip6tables rule is generated: > > > > -A eth0_masq -p 6 -s 2001:1::/56 -j SNAT --to-source > > 2001:470:a:227::2]-[2001:470:a:227::10 --toports 1000 > > > > Which produces the following error message: > > > > ip6tables-restore v1.4.17: Invalid address format > > The attached patch eliminates this problem. > > > Note, the example for the ADDRESS column in the snat man page contains a > > '::' separator between the address and the port range. > > I've corrected the man page. > > Thanks Steven, > -Tom
Tom After the application of the patch snat entry: eth0 2001:1::/56 [2001:470:a:227::2]-[2001:470:a:227::10]:1000 tcp Generates ip6tables rule: -A eth0_masq -p 6 -s 2001:1::/56 -j SNAT --to-source [2001:470:a:227::2]-[2001:470:a:227::10]:1000 Which produces error message: ip6tables-restore v1.4.17: Invalid port:port syntax - use dash Steven. ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
