I am running a jabber server on the same server as my shorewall/firewall. I
also believe that I have correctly configured a file transfer proxy (Proxy65)
that talks to my jabber server. Currently the Proxy server only listens on
port 7777 on the "loc" network interface of the firewall.
Would a DNAT rule make sense in this scenario (something like this)?
DNAT inet fw:172.16.168.1 tcp 7777
Would that rule forward tcp/7777 traffic from the internet to the firewall
interface that is part of the "loc" zone? If the last statement is true, does
this logic even make sense?
I am able to initiate a transfer from a machine in the "loc" zone, to a jabber
client machine connected to the jabber server via the internet and the file
transfer completes without errors. If the client machine (connected from the
internet) initiates the transfer, the transfer is unable to start.
There is nothing in the firewall logs that makes it look like something is being
blocked. It totally might be an issue on the client side, but as I don't have
confidence in the above rule, I wanted a second opinion.
Thanks.
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users