Dash Four wrote: > > Tom Eastep wrote: >> Thank you for testing, >> > masq > ~~~~ > eth0:0:+outside-hosts[dst,dst] +private-net 10.11.1.2 > > when ADD_IP_ALIASES=No and ADD_SNAT_ALIASES=No the above statement > passes without a hint of an error or a warning. Even if I do > ADD_IP_ALIASES=Yes and ADD_SNAT_ALIASES=Yes, the appropriate > "del_ip_addr" and "add_ip_aliases" are added to the resulting > "firewall" file, but the above statement is completely ignored by > shorewall and nothing is added in my nat table to masquerade this > connection. Interesting, when I have:
masq ~~~~ eth0:: eth0:0:+outside-hosts[dst,dst] +private-net 10.11.1.2 Then the second statement is ignored (well done to the optimizer!), but when I have: masq ~~~~ eth0:0:+outside-hosts[dst,dst] +private-net 10.11.1.2 eth0:: both statements are produced, so the only "gripe" is to maybe issue a warning/error when ADD_SNAT_ALIASES=No and I have "eth0:0" in masq. ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
